Share This

Showing posts with label Cyber Attacks. Show all posts
Showing posts with label Cyber Attacks. Show all posts

Sunday, 14 May 2017

WannaCry ransomeware attacks, how to prevent it?

Source: Intel.malwaretech.com

'Do not pay ransomware hackers' - Nation



WannaCry has spread to Malaysia; two companies here were stricken by the ransomware virus that has infected a massive number of computers across the globe since Friday. Hackers use the virus to hold a victim’s data to ransom – pay up or lose all your information – and the victims overseas include hospital networks, businesses and government agencies.

PETALING JAYA: All governmental agencies have been told of the WannaCry ransomware outbreak and have armoured themselves against attacks.

“All government agencies at federal and state level have been alerted and ensured that their computers have been patched accordingly,” said CyberSecurity CEO Datuk Dr Amirudin Abdul Wahab.

Dr Amirudin said the WannaCry ransomware exploited vulnerabilities of the Windows operating system, especially on Windows XP which has stopped receiving updates since 2014.

“The malware exploits a flaw in the network protocol called the Server Message Block. Unlike former malware cases which is localised to a single computer, WannaCry exploits the operating system’s vulnerabilities and spreads it across PCs in the network.

“This is why it spread at such speed and range. Realising this, Microsoft came out with the MS17010 patch to stop this particular malware from working and spreading,” he said in a phone interview.

The patch was first rolled out in March this year but was not available to Windows XP, Windows 9 and Windows 2003 until May 12, after WannaCry’s outbreak.

According to the Microsoft Security Response Centre, Windows 10 users were not targeted by the attack.

To protect themselves against any malware attack, computer users were urged to back up their files, avoid clicking on suspicious links online or download attachments in e-mail messages sent by strangers.

“Apart from preventive measures, if you think you have been infected by the malware, please report to us at cyber999@cybersecurity.my or call us at 1300-882999,” he said.

In response to a question, Dr Amirudin said it was not an obligation under the law for anyone to report any security breach.

“It is not mandatory in Malaysia, unlike in some other countries,” he lamented, pointing out that when people made a report to CyberSecurity, their confidentiality would be paramount.

“We can also provide assistance,” Dr Amirudin added.

As of 6pm yesterday, CyberSecurity has yet to receive any report on infected computers in Malaysia.

“It does not mean that infection will not happen. At present, however, the situation is manageable and under control and we are always on the alert,” he said.

When contacted, the Malaysian Communications and Multimedia Commission and CyberSecurity Malaysia also said they had not received any report of a WannaCry infection in Malaysia.

Ransomware: how hackers take your data hostage


Screens of NHS computers with images demanding payment of US$300 (RM1,302) in Bitcoin (Bitcoin, digital currencies rally, caution prevails; virtual currency in property), saying: “Ooops, your files have been encrypted!”

It demands payment in three days or the price is doubled, and if none is received in seven days the files will be deleted, according to the screen message.

“Ransomware becomes particularly nasty when it infects institutions like hospitals, where it can put people’s lives in danger,” said Kroustek, the Avast analyst.

A hacking group called Shadow Brokers released the malware in April claiming to have discovered the flaw from the NSA, Kaspersky said.

Although Microsoft released a security patch for the flaw earlier this year, many systems have yet to be updated, researchers said.

“Unlike most other attacks, this malware is spreading primarily by direct infection from machine to machine on local networks, rather than purely by email,” said Lance Cottrell, chief scientist at the US technology group Ntrepid.

Some said the attacks highlighted the need for agencies like the NSA to disclose security flaws so they can be patched.

G7 finance ministers meeting in Italy discussed the attacks and were expected to commit to stepping up international cooperation against a growing threat to their economies. — AFP

Massive Ransomware Attack Hits 99 Countries

PHILADELPHIA (CNN)–Tens of thousands of ransomware attacks are targeting organizations around the world on Friday.

Cybersecurity firm Avast said it has tracked more than 75,000 attacks in 99 countries. It said the majority of the attacks targeted Russia, Ukraine and Taiwan.

What is it?

The ransomware locks down all the files on an infected computer and asks the computer’s administrator to pay in order to regain control of them.

The ransomware, called “WannaCry,” is spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March. But computers and networks that haven’t updated their systems are at risk. The exploit was leaked last month as part of a trove of NSA spy tools.

“Affected machines have six hours to pay up and every few hours the ransom goes up,” said Kurt Baumgartner, the principal security researcher at security firm Kaspersky Lab. “Most folks that have paid up appear to have paid the initial $300 in the first few hours.”

Sixteen National Health Service (NHS) organizations in the UK have been hit, and some of those hospitals have canceled outpatient appointments and told people to avoid emergency departments if possible. Spanish telecom company Telefónica was also hit with the ransomware.

Spanish authorities confirmed the ransomware is spreading through the vulnerability, called “EternalBlue,” and advised people to patch.

“It is going to spread far and wide within the internal systems of organizations — this is turning into the biggest cybersecurity incident I’ve ever seen,” UK-based security architect Kevin Beaumont said.

Russia’s Interior Ministry released a statement acknowledging a ransomware attack on its computers, adding that less than 1% of computers were affected, and that the virus is now “localized.” The statement said antivirus systems are working to destroy it.

Megafon, a Russian telecommunications company, was also hit by the attack. Spokesman Petr Lidov told CNN that it affected call centers but not the company’s networks. He said the situation is now under control.

“We encourage all Americans to update your operating systems and implement vigorous cybersecurity practices at home, work, and school,” the U.S. Department of Homeland Security said in a statement released late Friday. “We are actively sharing information related to this event and stand ready to lend technical support and assistance as needed to our partners, both in the United States and internationally.”

Kaspersky Lab says although the WannaCry ransomware can infect computers even without the vulnerability, EternalBlue is “the most significant factor” in the global outbreak.

How to prevent it

Beaumont examined a sample of the ransomware used to target NHS and confirmed it was the same used to target Telefónica. He said companies can apply the patch released in March to all systems to prevent WannaCry infections. Although it won’t do any good for machines that have already been hit.

He said it’s likely the ransomware will spread to U.S. firms too. The ransomware is automatically scanning for computers it can infect whenever it loads itself onto a new machine. It can infect other computers on the same wireless network.

“It has a ‘hunter’ module, which seeks out PCs on internal networks,” Beaumont said. “So, for example, if your laptop is infected and you went to a coffee shop, it would spread to PCs at the coffee shop. From there, to other companies.”

According to Matthew Hickey, founder of the security firm Hacker House, Friday’s attack is not surprising, and it shows many organizations do not apply updates in a timely fashion. When CNNTech first reported the Microsoft vulnerabilities leaked in April, Hickey said they were the “most damaging” he’d seen in several years, and warned that businesses would be most at risk.

Consumers who have up-to-date software are protected from this ransomware. Here’s how to turn automatic updates on.

It’s not the first time hackers have used the leaked NSA tools to infect computers. Soon after the leak, hackers infected thousands of vulnerable machines with a backdoor called DOUBLEPULSAR.

Source: CNN’s Clare Sebastian contributed to this report.

WannaCry strikes two Malaysian companies



http://clips.thestar.com.my.s3.amazonaws.com/Interactive/ransomware2017/ransomware2017.mp4

PETALING JAYA: Two local companies have been hit by the infamous WannaCry ransomware, three days after the malicious software was released, infecting 200,000 computers in 150 countries so far.

According to IT security services company LGMS, the first case in Malaysia involved a director of one of its clients who came across the dreaded ransomware on his personal laptop on Saturday morning.

LGMS founder C.F. Fong said the data in the laptop had to be erased as the person did not intend to pay the US$300 (RM1,300) ransom.

The same ransomware appeared in the machine of an automotive shop on Sunday morning.

“The company didn’t have any backup and might pay (the ransom),” said Fong.

Besides disconnecting compu­ters from the network, there was not much else they could do, he noted.

As of 3pm yesterday, a website tracking incidences of WannaCry infections started showing blips in the Klang Valley area.

The website displays a blip whenever an infected computer pings its tracking servers, thus allowing it to map out a geographical distribution of the WannaCry infection.

Fong added that any machine infected by WannaCry should not be connected to a public or cor­­porate network.

“Once you plug into any network, it will start spreading,” he pointed out.

Fong said none of LGMS’ clients, which include major banks in Malaysia, had reported any pro­blems so far, adding that he was quite confident that those who re­gularly updated their computers would not face any problems with WannaCry.

He said ransomware was not new but WannaCry had caused worldwide alarm because of how fast it was spreading.

“We have seen worse and devastating ransomware attacks before but WannaCry’s infection rate is one of the fastest ever as it exploits the vulnerability that exists in Windows,” Fong said.

Security companies all over the world are reporting an unprecedented wave of WannaCry ransomware infections since Friday when more than 150 countries were hit by it.

The ransomware encrypts the data on an infected computer, preventing users from accessing it.

According to a report in The Guardian, the ransomware uses a vulnerability first revealed as part of a leaked stash of NSA-related documents, which infects machines running Windows and encrypts their contents before demanding a ransom to decrypt these files.

The perpetrators promise to release the data once a ransom of US$300 (RM1,300) is paid.

In just two days, computer networks of Britain’s National Health Service, Russia’s interior ministry and international shipper FedEx, among others, were affected.

The website tracking incidences of WannaCry infections was created by a 22-year-old British re­sear­cher known only as MalwareTech, who was credited with being an “accidental hero” after discovering a “kill switch” that halted WannaCry’s outbreak.


Cyber security expert: WannaCry ransomware has ... - The Star Online

Malaysia also hit by WannaCry ransomware - Nation

Singapore not affected by cyber attacks

How to Remove Ransomware. - Ransomware Removal Instruction

Police raid CYL office, seize items

Friday, 15 January 2016

Internet set to cut cord with US government, ICANN urges Internet control



The US government, announcing its intention to end its role in March 2014, said it would seek to maintain a "multi-stakeholder" model for Internet governance

A plan to end a key US government oversight role on the Internet is on track for completion this year, the head of the online address gatekeeper said, in a symbolic move towards asserting the independence of the web.

While the transition will not change how the Internet works, it would help reassure users, businesses and governments about its integrity, according to Fadi Chehade, chief executive of the Internet Corporation for Assigned Names and Numbers (ICANN).

Chehade told AFP the transition plan being prepared since early 2014 will be delivered to the US government in February, and that it could take place on September 30—a year later than originally planned.

If the US government approves the plan, "then the contract between ICANN and the US government which is set to naturally expire on September 30 will just expire," Chehade said in an interview Wednesday in Washington.

Chehade said the private non-profit ICANN is effectively a "traffic cop" that ensures the Internet address system functions, and that the US government's role has been merely to ensure that it follows correct procedures.

"In all the years we've done that (the US government) has never said we did not follow the process," he said.

"People have aggrandized the role of the US government in what we do. But the change is actually minimal. It's important symbolically because the US was really a steward for the Internet, but for day-to-day accountability, it is minimal."

Who runs the Internet?

The US government, announcing its intention to end its role in March 2014, said it would seek to maintain a "multi-stakeholder" model for Internet governance—which allows virtually all users from business to academia to government to participate—instead of a "multilateral" system controlled by governments.

Chehade said that without US oversight, ICANN would be managing the technical functions of the Internet under the supervision of a 16-member board which is designed to maintain diverse representation.

"We have a very solid process that ensures this is not a capturable board," which can be hijacked by governments or other institutions, he said.

He added that the transition plan seeks "to strengthen the assurances that ICANN will remain multi-stakeholder," by giving Internet users more authority to appeal to overturn decisions or even to remove board members.

Chehade noted that even though the ICANN process can be "unwieldy," most decisions are made by consensus, with very few disputed votes in the organization.

He added that he expects a fresh round of hearings in Congress, following complaints by some US lawmakers that Washington is "giving away" the Internet and suggestions that it could be controlled by other governments.

"I think the concerns Congress has raised are very justified and genuine and therefore being prepared to address them is crucial," he said.

But Chehade noted that ICANN has effectively been handling its functions for a long time.

"The independence of ICANN has been proven to be working for many years," he said.

"It's been working and we are now simply admitting that. We are ending the symbolic role of the US government which should have been let go in 2000."

ICANN chief urges wide Internet control

 
Internet Corporation for Assigned Names and Numbers (ICANN) President and CEO Fadi Chehadé called for the "preservation of a decentralised, transnational and not too fragmented governance" of the Internet on Tuesday

The head of the private agency that acts as gatekeeper for the Internet called Tuesday for international discussions to ensure control of the web remains decentralised.

Fadi Chehade, president and CEO of the Internet Corporation for Assigned Names and Numbers (ICANN), called for the "preservation of a decentralised, transnational and not too fragmented governance" of the Internet.

He told a Geneva conference that the Internet should remain "polycentric" but that the private and public sectors should work together.

"Only initiatives involving the private sector and governments can successfully and effectively address crucial issues like cybercrime, taxation of e-commerce, and child protection," Chehade said.

ICANN, which is in charge of assigning domain names, is likely to break free of US oversight late next year.

Washington said in March it might not renew its contract with the Los Angeles-based agency, provided a new oversight system is in place that ensures the Internet addressing structure is reliable.

"ICANN is not and shall not be an island disconnected from other stakeholders," Chehade said.

The agency plans to submit a proposal on oversight to the US Department of Commerce next year.

In an interview published Tuesday in Swiss daily Le Temps, Chehade said the role of the United States—one of ICANN's 147 member countries—would remain important.

"If our DNA remains American, our openness to the world is a reality."

US Commerce Secretary Penny Pritzker pledged at a meeting of Internet leaders in October that the United States would "protect and preserve a free, vibrant and open Internet".

Pritzker said that while the United States might not renew its contract with ICANN, it still had a responsibility to encourage a decentralised Internet.

"The United States will not allow the global Internet to be co-opted by any person, entity, or nation seeking to substitute their parochial world view for the collective wisdom of this community," she said. - AFP

Related posts:


Dec 16, 2015 ... Chinese President Xi Jinping began to deliver a keynote speech at the opening ceremony of the Second World Internet Conference (WIC) held ...


Dec 10, 2015 ... Chinese President Xi Jinping will attend the upcoming Second World Internet Conference (WIC) in the river town of Wuzhen in east China's ...
 
Sick gamers on the rise !
Parents seek help for addicted kids Experts: Too much gaming has more serious effects than most people realise For many Malaysians, i...
IT is 10pm and you know exactly where your children are. They are at home with you, and the last time you looked, they were on their 

Wednesday, 16 December 2015

World Internet Conference 2015 Live from Wuzhen, China



Video: President Xi Jinping delivers keynote speech at WIC

Chinese President Xi Jinping began to deliver a keynote speech at the opening ceremony of the Second World Internet Conference (WIC) held in the river town of Wuzhen in east China's Zhejiang Province Wednesday.



http://english.cntv.cn/2015/12/16/VIDE1450236360367156.shtml



Xi calls for: No double standards in cyber security, cyber sovereignty, inclusive Internet community to build shared cyber future

WUZHEN, Zhejiang, Dec. 16 (Xinhua) -- Chinese President Xi Jinping on Wednesday called for joint efforts to combat cyber crimes and Internet terrorism, while underscoring that there should not be any double standards in safeguarding cyber security.

"We can not just have security for one or some countries, leaving the rest insecure, still less should one seek the so-called absolute security of itself at the expense of security of others," Xi said in a keynote speech at the opening ceremony of the Second World Internet Conference held in the river town of Wuzhen, east China's Zhejiang.

Cyberspace is for all mankind. Its future should be in the hands of all nations and countries should step up communication, broaden consensus and deepen cooperation, the Chinese president said.

Xi Jinping has put forward five proposals to build a community of shared future in cyberspace.

Speaking at a government-organised conference in Wuzhen Town attended by executives of global and Chinese Internet companies, he called for efforts to speed up the building of global cyber infrastructure and promote connectivity.

“China stands ready to work with all parties concerned to come up with more investment and technical support to jointly advance the building of global cyber infrastructure and enable more developing countries and their people to share the development opportunities brought by the Internet,” Xi said.

China's President Xi Jinping laid out his vision for the internet, calling for respect of different governance models and standardized online security, placing China at the front of debates on online control and sovereignty.
"Each country should join hands and together curb the abuse of information technology, oppose network surveillance and hacking, and fight against a cyberspace arms race," Xi told China's second World Internet Conference.
Major Internet players such as Facebook, Microsoft, and China's Alibaba attended the conference.

Participants hail President Xi's remarks at WIC

Participants hail President Xi's remarks at WIC.



Commentary: "Shared and governed by all" only way for Internet to get out of "Hobbes Jungle"


BEIJING, Dec. 16 (Xinhua) -- Twenty-eight years ago, the founding father of the German Internet Dr. Werner Zorn helped Beijing send its first email to the outside world, which said: "Across the Great Wall we can reach every corner in the world."

However, today, China, together with other developing countries, still find themselves trapped in a jungle due to an expanding digital divide and a lack of joint governance.

The divide, a technological gap between developing and developed countries on an international scale, is mainly caused by some Western countries' arrogance and monopoly of information and communication technologies.

For example, the central nervous system of the global Internet with 13 root severs is completely dominated by the West, with the United States having 10 root severs while Britain, Sweden and Japan possess one respectively.

The ever-enlarging gap is detrimental to the stability and sustainable development of the international community, leading to anarchy in cyberspace and to some extent, gradually transforming it into a Hobbes Jungle where the stronger always has a bigger say over the destiny of smaller ones.

In addition, the divide has begun to show side effects like cybercrimes or even cyberterrorism as it accelerates social inequality, which provides fertile ground for extremism.

Like China, the United States is also a victim of cyberanarchy and such side effects. The recent shooting rampage in southern California, where two attackers radicalized by fanatical propaganda of the Islamic State (IS) on the Internet opened fire on innocent people, has sent a strong signal to Uncle Sam and its Western allies that they need to share and govern cyberspace with others.

After all, the Law of Jungle is relentlessly fair to everyone. In the long run, it neither favors the United States for its preponderance nor discriminates against the IS for its extremism.

In this sense, the opening of the Second World Internet Conference on Wednesday in China's Wuzhen with the theme of "an interconnected world shared and governed by all -- building a community of common future in cyberspace", is a boon to nations worldwide threatened by the Law of Jungle.

If they want to get out of the jungle, they should bear three things in mind.

First, teamwork. Treat each other with respect and equality. The jungle is too enormous for egoism. Selfishness and hegemony worship will only ruin the mission. So the hefty ones like the United States should learn to cooperate if they want to defeat common enemies like cybercrimes.

Second, sharing. Don't let the smaller ones be knocked out. Help them grow. Otherwise, they will become accomplices of the jungle. The Western countries who enjoy early advantages of information technology should loosen their restriction on technology transfers to developing countries.

Thirdly, joint governance. Never seek hegemony in decision-making. There are many paths to leave the jungle and the one you choose may not suit others. The governance of cyberspace needs the participation of all parties and all voices should be heard before a final decision is made.

By Tian Dongdong Xinhua

Cyber security depends on US cooperation
US President Barack Obama delivers remarks next to Secretary of Homeland Security Jeh Johnson (L) at the National Cybersecurity and Communications Integration Center in Arlington, Virginia, January 13, 2015. [Photo/Agencies]

China's attempts to cooperate with the United States to safeguard the strategic stability of cyberspace have been welcomed, as the Chinese mainland and Hong Kong have suffered a series of high-profile cyber attacks this year, according to the latest PricewaterhouseCoopers Global State of Information Security Survey. The average financial loss caused by cyber-crimes in the region, says the report, rose 10 percent year-on-year to $2.63 million, compared with a 5 percent decline globally.

In cooperating to safeguard cyberspace, Beijing and Washington could seek the Internet equivalent of the code of safe conduct agreed between their militaries to avoid naval and air encounters, which has helped manage several bilateral disputes.

The two countries should first try their best to not point the finger at each other in case a conflict over cyber security emerges. The latest round of tensions in cyberspace started in early 2013, when American private security company Mandiant released a report, "APT1: Exposing One of China's Cyber Espionage Units", accusing the Chinese military of stealing US intellectual property.

Such a hysterical attitude, to a point, reflects the US' anxiety over China's impressive economic growth in the recent years. It is, therefore, important that the US seek to adjust its strategic perception of China and accept that the power gap between them is closing.

Beijing, on its part, ought to make more efforts to make its ideas clear to acquire a bigger say in global cyber-security affairs. Besides, neither country, especially the US, should make a habit of "making enemies" by taking irresponsible actions, even for the sake of national security.

True, most cutting-edge technologies in the age of the Internet can be lawfully and strategically used to gather military intelligence and keep cyber attacks at bay. But highly politicized discussions and operations, which used to be kept secret, can now be made public by the media today. So the challenge is to keep such details confidential.

In regard to China-US cyber cooperation, the major problem lies in Washington's attempts to create enemies for political motives. Tactics such as exaggerating the perils of the so-called Chinese cyber-attacks and intimidating the American public and legislature with some selectively chosen materials, for example, have been routinely used by the US cyber-security authorities to create more room for political maneuverings and get more military budget.

Such tricks may have eased some of their pressure to safeguard homeland security, but they have come at the cost of cyberspace stability which China and the US both need. They have also failed to protect the two countries' national interests, which need them to closely coordinate rather than oppose or accuse each other.

Washington should also be careful about its military industry, which is basically bolstered by certain security enterprises and departments trying to abduct the national security policy.

For some US security companies, gathering evidence on the imaginary cyber-attacks from China to help thwart them in the future can guarantee the consistent increase in their market values. Likewise, relevant governmental organs also tend to overstate the cyber security issue to increase their budget and influence security affairs.

China and the US should not let such parochial and hawkish mindset affect Washington's cyber-security strategy, because neither country can emerge as winner in a cyber war; in fact, such a war will cause huge damage to the world. As a responsible major power, the US is obliged to push forward the China-US strategic dialogue on cyber security to make global cyberspace more stable, rather than using double standard to defend its controversial strategy and tactics, and condemn China for absurd reasons.

By Shen Yi (China Daily)
The author is an associate professor in the Department of International Politics at Fudan University in Shanghai.

China key to turning cyberspace truly global
A visitor tries out wearable device at the Light of the Internet Expo in Wuzhen, Zhejiang province, Dec 14, 2015. [Photo /chinadaily.com.cn]

China holds a pivotal role in the Internet. It had more than 650 million Internet users by the end of last year and it is the largest and fastest growing information and communications technology consumer market in the world. The Chinese ICT sector is currently valued at €433 billion ($477.472 billion) and it is growing at an annual average rate of 7 percent, the fastest in the world. The country has made tremendous progress in Internet development in the past decade having become the most active e-commerce market in the world.

However, if we look at the distribution of the world's ICT sector, China does not rank first. It ranks third. In 2012 China accounted for 13 percent of the world's ICT, behind the United States (32 percent) and the European Union (23 percent). In the same year, the value of the EU's ICT sector exceeded €516 billion.

These figures show the tremendous growth opportunities of China's ICT industry. Obviously, the strategy should not be just to copy leading brands or seek to produce "Chinese" products. The ICT industry is not the car industry. It doesn't just produce a series of final products; it produces interconnected systems too. In the ICT industry, we cannot innovate in isolation. Each single new product or system needs to be compatible — to interoperate — with those of upstream service providers and of the applications that users want.

Even more than in other globalized industries, the keyword in ICT is specialization. In other words, China should not promote investments in areas where other countries or economies are strong, but seek cooperation instead. In this regard, an analysis of the ICT statistics of China and the EU show how complementary China's and Europe's ICT sectors are.

China is very strong in manufacturing — more than 50 percent of the ICT sector comprises the manufacturing of telecom equipment, consumer electronics and electronic components. The EU instead dominates in high-end innovative services and IT applications, which together account for more than 55 percent of regional ICT sector.

The EU is a major technology hub and it can provide a key contribution for the growth of new ICT markets in China if adequate cooperation agreements are timely discussed and concluded, for example, in niche markets like the Internet of Things, smart cities, big data, e-health, cloud services, which will drive growth in the ICT industry in the next decade.

But opportunities for cooperation also exist in the "traditional" telecom segment. China and the EU are home to the world's major telecom vendors. Synergies in 5G development are clear, especially following the signing of the EU-China Agreement on 5G last September in Beijing.

The EU-China political and economic relationship is very developed, though there are some challenges, which we need to overcome to improve cooperation in the digital field, such as the lack of mutual understanding of the reciprocal markets, divergences in the approach to cyber security and, related to it, a lack of global Internet confidence. Moreover there are substantial regulatory divergences between the Chinese and EU rules, for example, on consumer protection and data protection.

The EU has just started its ambitious "Digital Single Market" strategy, which should in the coming years reduce barriers to doing business across the EU's internal borders, provide EU companies scale and resources to grow and make the EU an even more attractive location for global companies.

The EU's Digital Single Market strategy will offer substantial investment opportunities to Chinese ICT companies.

However, in the global Internet ecosystem, the concept of attracting investment by making one's investment conditions more attractive than those in competing economies is outdated. We need a global single, open cyberspace.

The second World Internet Conference in Wuzhen, Zhejiang province, could be the starting point of discussions between China and the EU, for instance, on how to facilitate online purchases of digital contents and to promote affordable high quality parcel delivery. Obviously, at a later stage anecdotal evidence should be complemented thorough academic study of respective Internet regulations in China and the EU.

By Luigi Gambardella (China Daily)
The author is president of ChinaEU, a non-profit platform aiming to boost bilateral digital cooperation.

Related:

Wuzhen showcases China’s Net prosperity

If we all apply the rules of the US, many societies could not afford the consequences.
Source: Global Times | 2015-12-16 0:48:01

Aerial view of Wuzhen, venue for World Internet Conference

Wuzhen World Internet Conference 2015


Related post
  World Internet Conference to be held Dec 16~18 2015 Wuzhen China
Chinese President Xi Jinping will attend the upcoming Second World Internet Conference (WIC) in the river town of Wuzhen in east China ...

Saturday, 27 December 2014

Sony comedy film: The Interview looms cyber war as US-N.Korea tension spikes

The Interview is a 2014 American political comedy film directed by Seth Rogen and Evan 
Goldberg in their second directorial work, following This Is the End. The screenplay by Dan Sterling is from a story by Rogen, Goldberg and Sterling. The film stars Rogen and James Franco as journalists instructed to assassinate North Korean leader Kim Jong-un (played by Randall Park) after booking an interview with him. It received mixed reviews from critics.

In June 2014, the North Korean government threatened "merciless" action against the United States if the film's distributor, Columbia Pictures, went ahead with the release. Columbia delayed the release from October 10 to December 25, and reportedly edited the film to make it more acceptable to North Korea. In November, the computer systems of parent company Sony Pictures Entertainment were hacked by the "Guardians of Peace", a group the FBI believes has ties to North Korea. After leaking several other then-upcoming Sony films and other sensitive internal information, the group demanded that Sony pull The Interview, which it referred to as "the movie of terrorism". On December 16, 2014, the Guardians of Peace threatened terrorist attacks against cinemas that played The Interview.

On December 17, after a number of major North American cinema chains canceled screenings in the interest of safety, Sony canceled the theatrical release of The Interview, drawing criticism from the media, Hollywood figures and U.S. President Barack Obama. After initially stating that it had no plans to release the film, Sony made The Interview available for online rental on December 24, and in a limited release at selected cinemas on December 25. - Wikipedia



 Cyber war looms as US-NK tension spikes

North Korea's Internet and 3G networks were back to normal by midday Tuesday after hours of a strange shutdown. This blackout led to speculation that North Korea had been under cyber-attack from the US. It remains unknown whether the purported US-North Korea conflict will flare up into full-blown cyber war.

Sony Pictures, which has caught global attention for filming The Interview, a movie featuring the fictional assassination of North Korean leader Kim Jong-un, was attacked by a group of hackers recently. The FBI asserted that these hackers were sponsored by North Korea, and US President Barack Obama declared the US would make a "proportional response." Thus, there are high suspicions that Washington is behind the attack.

Neither Washington nor Pyongyang has commented officially on the incident. There are more threats to cyber security than ever before, and hacking groups not backed by governments have become mainstream. Countries like the US have established cyber armies, but there has been no declaration of a cyber war so far. Any party suspected of launching cyber invasions using its regular cyber army always denies its involvement.

We hope that Washington and Pyongyang will not engage in war in cyberspace. Once they cross the Rubicon, there is no way back.

The current suspected tit-for-tat situation between North Korea and the US raises the risks of a cyber war. Pyongyang has shown its abomination toward Sony Pictures. However, having denied any connections with the attacks, it hailed these actions as justified.

Washington has revealed its inclination to retaliate against Pyongyang, which is why many assume the Internet blackout in North Korea was its doing. Washington's response could be an overreaction, as it is implying that cyber attacks can be seen as a kind of legitimate state action, which will set a precedent for cyber wars.

Antagonism between North Korea and the US will remain a hot topic for quite a while in the international community. If more cyber attacks are launched in the near future, many people will believe that a cyber war between them has already broken out. It is possible that Washington is trying to teach Pyongyang a lesson and show its strength through cyber attacks. But it must keep in mind that its advanced networks also have loopholes, which might be taken advantage of by a single hacker and a computer.

The US must not set an example by engaging in cyber warfare. It might prevail in the short term, but the already vulnerable Internet order will be mired in countless trouble.

This North Korea-US cyber conflict has also reminded China that it must reinforce its cyber security and act as a constructive role to guard peace across the Internet. As for the speculation that it was China that cut off North Korea's Internet connections, these are spurious and do not merit our attention.- Global Times

Related posts:

2014 has seen a tsunami of epic hacks and identity thefts, including the recent massive cyber attack on Sony Pictures Entertainment. Sec... 


Information technology players believe Malaysia is beginning to tap into the potential of the Internet of things. KUALA LUMPUR: Social m...

Sunday, 23 June 2013

No privacy on the Net !

Revelations about PRISM, a US government program that harvests data on the Internet, has sparked concerns about privacy and civil rights violations. But has there ever been real privacy and security on the WWW?

 Demonstrators hold posters during a demonstration against the US Internet surveillance program of the NSA, PRISM, at Checkpoint Charlie in Berlin, Germany, ahead of US President Barack Obama’s visit to the German capital.

IMAGINE a time before email, when all your correspondence was sent through the post. How would you feel if you knew that somebody at the post office was recording the details of all the people you were corresponding with, “just in case” you did something wrong?

I think quite a few of you would be upset about it.

Similarly, some Americans are furious over revelations made about a system called PRISM. In the last few weeks, an allegation has been made that the US government is harvesting data on the Internet by copying what travels through some of its Internet Service Providers.

The US Director of National Intelligence has said that PRISM “is not an undisclosed collection or data mining program”, but its detractors are not convinced that this doesn’t mean no such program exists.

I think there are mainly two kinds of responses to this revelation: “Oh my God!” and “What took them so long?”.

The Internet has never really been secure. Because your data usually has to travel via systems owned by other people, you are at their mercy as to what they do with it. The indications are that this is already being done elsewhere.

Countries such as China, India, Russia, Sweden and the United Kingdom allegedly already run similar tracking projects on telecommunications and the Internet, mostly modelled on the US National Security Agency’s (unconfirmed) call monitoring programme. For discussion, I’ll limit myself for the moment to just emails – something that most people would recognise as being private and personal.

I find many people are surprised when I tell them that sending email over the Internet is a little bit like sending your message on a postcard. Just because you need a password to access it, doesn’t mean it’s secure during transmission.

The analogy would be that your mailbox is locked so only you can open it, but those carrying the postcard can read it before it reaches its final destination. Of course, there are ways to mitigate this. One has to be careful about what one put in emails in the first place. Don’t send anything that would be disastrous if it were forwarded to someone else without your permission.

You could also encrypt your email, so only the receiver with the correct password or key could read it, but this is difficult for most end users to do. (For those interested in encrypting emails, I would recommend looking at a product called PGP.)

The analogy holds up for other Internet traffic. It’s easy to monitor, given enough money and time. And as easy as it is for the Good Guys to try to monitor the Bad Guys, it’s just as easy for the Bad Guys to monitor us hapless members of the public.

But who do we mean by the Bad Guys? Specifically, should the government and law-enforcement agencies be categorised as ‘Bad Guys’ for purposes of privacy? Generally, the line oft quoted is “if you have nothing to hide, then you have nothing to worry about”.

Yet, I think we all accept that there should be a fundamental right to privacy, for everybody from anybody. An interesting corollary to being able to express your thoughts freely is that you should also be able to decide when and how you make them public.

The fault in relying on organisations that say “trust us” isn’t in the spirit of their objectives, but in how the humans in them are flawed in character and action.

An example quoted regularly at the moment is how the FBI collected information about Martin Luther King because they considered him the “most dangerous and effective Negro leader in the country”.

One way of defining the boundaries are by codifying them in laws. For example, the Malaysian Personal Data Protection Act prohibits companies from sharing personal data with third parties without the original owner’s consent.

However, this law explicitly does not apply to the federal and state governments of Malaysia. Another clause indicates that consent is not necessary if it is for the purpose of “administration of justice”, or for the “exercise of any functions conferred on any person by or under any law”.

In relation to the revelations of PRISM, several questions come to mind: Can Internet traffic (or a subset of it) be considered “personal data”? Is it possible for government agencies to collect and store such data without your consent?

And if so, what safeguards are there to ensure that this personal data is accurate, is used correctly and is relevant for storage in the first place?

This should be a sharp point of debate, not just in terms of which of our secrets the government can be privy to, but also of which of the government’s information should be readily accessible by us.

True, there is so much data out there that analysing it is not a trivial task. However, companies such as Google are doing exactly that kind of work on large volumes of unstructured data so that you can search for cute kittens. The technology is already on its way.

Perhaps I am being over-cautious, but it seems a bit fantastical that people can know your deepest and darkest secrets by just monitoring a sequence of 1’s and 0’s. But, to quote science fiction author Phillip K. Dick, “It’s strange how paranoia can link up with reality now and then”.

Contradictheory
By DZOF AZMI

> Logic is the antithesis of emotion but mathematician-turned-scriptwriter Dzof Azmi’s theory is that people need both to make sense of life’s vagaries and contradictions. Speak to him at star2@thestar.com.my.

Related post:

US Spy Snowden Says U.S. Hacking China Since 2009

Monday, 17 June 2013

Upset over US cyber spying!

There are increasingly strong reactions to revelations that United States agencies are spying on Internet use by Americans and foreigners as well as planning cyber actions on foreign targets.

 
Weekend News Round-up: US cyber spying whistle-blower revealed; is Snapchat worth US$1bn?

THE revelations of data collection on a massive scale by the United States’ security agencies of details of telephone calls and Internet use of its citizens and foreigners are having reverberations around the world.

Much of the responses have been on the potential invasion of privacy of individuals not only in the United States but anywhere in the world who use US-based Internet servers.

Also revealed is a US presidential directive to security agencies to draw up a list of potential overseas targets for US cyber-attacks.

This lays the Unites States open to charges of double standards and hypocrisy: accusing other countries of engaging in Internet snooping or hacking and cyber warfare, when it has itself established the systems to do both on a mega scale.

The revelations, published in the Guardian and Wall Street Journal, and based on a leak by a former US intelligence official, include that US security agencies have access to telephone data of Verizon Communications, AT&T and Sprint Nextel, as well as from credit card transactions.

They also can access data from major Internet companies – Google, Yahoo, Microsoft, Facebook, AOL, Apple, PalTalk, Skype and YouTube—under the Prism surveillance programme.

Millions of Internet users around the world use the servers or web-based services of the companies mentioned.

Two American citizen groups, the American Civil Liberties Union (ACLU) and the New York Civil Liberties Union, have filed a lawsuit against the US administration.

“Those programmes constitute unreasonable intrusions into American’s private lives that’s protected by the Fourth Amendment (on search and seizure),” said Brett Kaufman of the ACLU, as quoted by IPS news agency.

Governments and people outside the United States are equally upset, or more so, that they apparently are also covered by the massive US surveillance programme.

The European Union’s commissioner of justice Viviane Reding has written to the US attorney general asking if European citizens’ personal information had been part of the intelligence gathering, and what avenues are available for Europeans to find out if they had been spied on.

In China, commentators and opinion makers are citing double standards on the part of the United States.

An article in the China Daily commented that the massive US global surveillance programme as revealed is certain to stain Washington’s overseas image and test developing China-US ties.

An editorial in another Chinese paper, Global Daily, stated: “China needs to seek an explanation from Washington.

“We are not bystanders. The issue of whether the United States as an Internet superpower has abused its powers touches on our vital interests directly.”

In their summit last week in California, United States President Barack Obama reportedly pressed Chinese President Xi Jinpeng to curb cyber-spying by Chinese agencies and companies.

The breaking news about the United States snooping on Internet users must have caused some discomfort to Obama when bringing up this issue.

A Chinese Foreign Ministry spokesperson last week reiterated that “China is also a victim to the most sophisticated cyber hacking”.

Though less publicised, a part of the leaks published in the Guardian, was a 18-page directive from President Obama to his security and intelligence officials to draw up a list of potential overseas targets for US cyber-attacks.

The October 2012 directive states that what it calls Offensive Cyber Effects Operations (OCEO) “can offer unique and unconventional capabilities to advance US national objectives around the world with little or no warning to the adversary or target and with potential effects ranging from subtle to severely damaging”, according to the June 7 Guardian article by Glenn Greenwald and Ewen MacAskill.

The directive says the government will “identify potential targets of national importance where OCEO can offer a favorable balance of effectiveness and risk as compared with other instruments of national power”.

The aim of the document was “to put in place tools and a framework to enable government to make decisions” on cyber actions, a senior administration official told the Guardian.

Obama’s move to establish a potentially aggressive cyber warfare doctrine will heighten fears over the increasing militarisation of the Internet, comments the Guardian article.

It adds that the United States is understood to have already participated in at least one major cyber attack, the use of the Stuxnet computer worm targeted on Iranian uranium enrichment centrifuges, the legality of which has been the subject of controversy.

In the presidential directive, the criteria for offensive cyber operations in the directive is not limited to retaliatory action but vaguely framed as advancing “US national objectives around the world”.

Obama further authorised the use of offensive cyber attacks in foreign nations without their government’s consent whenever “US national interests and equities” require such non-consensual attacks. It expressly reserves the right to use cyber tactics as part of what it calls “anticipatory action taken against imminent threats”.

The Guardian commented: “The revelation that the US is preparing a specific target list for offensive cyber-action is likely to reignite previously raised concerns of security researchers and academics, several of whom have warned that large-scale cyber operations could easily escalate into full-scale military conflict.”

Meanwhile, UN Human Rights Council’s Special Rapporteur Frank La Rue issued a report on June 4 on the increasing use of surveillance, warning that unfettered state access to surveillance technologies could compromise human rights to privacy and freedom of expression, as protected by the Universal Declaration of Human Rights and the International Covenant on Civil and Political Rights (ICCPR).

The report warned too against the use of “an amorphous concept of national security” as a reason to invade people’s rights to privacy and freedom of expression, arguing that such an invasion potentially “threatens the foundations of a democratic society”.

Global Trends
By MARTIN KHOR

Related posts:
US Spy Snowden Says U.S. Hacking China Since 2009 
New China-US relationship can avoid past traps 
Xi-Obama summit aims to boost ties, aspirations between China and USA 

Sunday, 16 June 2013

US Spy Snowden Says U.S. Hacking China Since 2009

Support: Protesters shout slogans in support of former US spy Edward Snowden as march to the US consulate in Hong Kong

Video:
Director Robert Mueller says Edward Snowden has caused damage to national security.
http://www.dailymail.co.uk/news/article-2341451/Whistleblower-Edward-Snowden-smuggled-secrets-everyday-thumb-drive-banned-NSA-offices.html

 
The United States has hacked hundreds of Chinese civilians since 2009. But its favored hacking technique isn't to target individual PCs via advanced persistent threat (APT) attacks, in the manner of the Chinese military. Instead, it prefers to compromise foreign network backbones, thus potentially gaining access to hundreds of thousands of systems at once. 

 That revelation was delivered by whistle-blower Edward Snowden, until recently a contractor for the National Security Agency. He emerged from hiding Wednesday to grant an interview to Hong Kong's South China Morning Post.

"We hack network backbones -- like huge Internet routers, basically -- that give us access to the communications of hundreds of thousands of computers without having to hack every single one," he told the Post.

According to NSA documents reviewed by the Post, which haven't been verified, targets of the NSA's Prism program have included computers in both mainland China and Hong Kong. People targeted included systems at Hong Kong's Chinese University, as well as government officials, businesses and students in the region. But the Post reported that the program didn't appear to target Chinese military systems.

 [ Security standoff at recent U.S.-China summit: Read U.S.-Chinese Summit: 4 Information Security Takeaways. ]
 
According to Snowden, he learned of at least 61,000 such NSA hacking operations globally. The Post didn't specify whether those operations all allegedly occurred since 2009.

Why go public with the NSA's alleged hacking campaign? Snowden said he wanted to highlight "the hypocrisy of the U.S. government when it claims that it does not target civilian infrastructure, unlike its adversaries."

"Not only does it do so, but it is so afraid of this being known that it is willing to use any means, such as diplomatic intimidation, to prevent this information from becoming public," he said.

Snowden first arrived in Hong Kong May 20, and said that the choice of venue wasn't accidental. "People who think I made a mistake in picking Hong Kong as a location misunderstand my intentions. I am not here to hide from justice, I am here to reveal criminality," he said, noting that he planned to stay until "asked to leave." Noting that the U.S. government had already been "bullying" Hong Kong authorities into extraditing him, Snowden said that he would legally fight any such attempt.

How will Hong Kong handle Snowden's case? "We can't comment on individual cases," Hong Kong's chief executive, Leung Chun-ying, told Bloomberg Wednesday. "We'll handle the case according to our law."

Hong Kong is a special administrative region of China, and Beijing could influence the government's legal thinking. But when asked in a Thursday press conference if the Chinese government had received any requests from Washington related to Snowden's case, Hua Chunying, a spokeswoman for China's foreign ministry, said only: "We have no information to offer," reported The Hindu in India.

Snowden previously said he would prefer to "seek asylum in a country with shared values," and named Iceland. Asked to respond to a spokesman for Russian president Vladimir Putin recently saying that were Snowden to apply for asylum in his country, authorities would consider his request, Snowden replied: "My only comment is that I am glad there are governments that refuse to be intimidated by great power."

Snowden said he hadn't contacted his family since leaving the country, but feared for both their safety as well as his own. He also appeared disinclined to glorify what he'd done. "I'm neither traitor nor hero. I'm an American," he said. "I believe in freedom of expression. I acted in good faith but it is only right that the public form its own opinion."

How has China reacted to Snowden's revelations that the NSA is spying on the Chinese? Chinese foreign ministry spokewoman Hua said in a regular press conference Thursday that the government has been following the revelations of NSA monitoring detailed by Snowden, and she repeated calls from the Chinese government -- agreed to in principle at last week's U.S.-China summit in California -- to launch a cybersecurity working group to increase "dialogue, coordination and cooperation" between the two countries.

"We also think adoption of double standards," she said, "will bring no benefit to settlement of the relevant issue."

By  Mathew J. Schwartz
IT finally has its security priorities right, our annual survey shows. Also in the new, all-digital Strategic Security issue of InformationWeek: Five counterintuitive insights on innovation from our recent CIO Summit.

Related posts:
New China-US relationship can avoid past traps 
Xi-Obama summit aims to boost ties, aspirations between China and USA  

 

Friday, 22 February 2013

Cyberattacks using US IPs' target military - China-fights back


VIDEO: EXPERT SAYS HACKING ALLEGATION ILLOGICAL CCTV News - CNTV English



China’s state media has come out fighting after over allegations of cyberattacks on US companies, and declared the accusations a “commercial stunt.”

Earlier this week, Alexandria based Internet security firm Mandiant, said Chinese military cyberspy unit had been targeting US and other foreign firms and organisations in hacking attacks.

But China Daily have hit back, writing: “One cannot help but ask the real purpose of such a hullabaloo.”

The paper added:
“With the US economic recovery dragging its feet, it is reasonable to think that some in Washington may want to make China a scapegoat so that public attention is diverted away from the country’s economic woes.”
China Daily also quoted defense ministry spokesman Geng Yansheng as saying the People’s Liberation Army had also been targeted in a “significant number” of cyberattacks.

“A considerable number” of them originated in the United States, judging from the IP addresses involved,” he said, but added that he did not “accuse” the US government of being involved.

According to Agence France-Presse, Mandiant’s report alleges that the hacking group “Advanced Persistent Threat” (APT1), was part of the Chinese military’s Unit 61398. Mandiant also said APT1 have stolen hundreds of terabytes of data from at least 141 across 20 industries, some of whom are involved with US domestic infrastructure.

But official state news agency Xinhua said the Mandiant report “reeks of a commercial stunt”.

“Next time,” wrote Xinhua in a stinging commentary, “the CEO could simply say: ‘See the Chinese hackers? Hurry up, come and buy our cyber security services.’ ”

The state news agency added that the US had a “matchless superiority and an ability to stage cyberattacks across the globe”, and that the US military had “established a significant cyber force, including the 780th Military Intelligence Brigade, which is a regular military unit tasked with carrying out cyber missions”.
In a further missive, Xinhua said Washington had a “habit of accusing other nations based on phony evidence,” adding:
“Facts will eventually prove that the cyberattacks accusations are groundless and will only tarnish the image and reputation of the company making them, as well as that of the United States.”
The comments in China’s media comes after President Obama’s administration executive order on February 12 which promised to aggressively combat the increase in cyberattacks pursuing trade secrets that could threaten domestic economic and national security, Mondaq reports.

In a report titled the Cyberspace Policy Review, the White House did not explicitly name China as a threat, but the inference was clear.

The step-up on US cyber-security follows well publicized claims of hacking attacks from Chinese sources at The New York Times, The Washington Post and the Wall Street Journal.

White House Press Secretary Jay Carney said Tuesday, “We have repeatedly raised our concerns at the highest levels about cybertheft with senior Chinese officials, including in the military, and will continue to do so. This is a very important challenge.”

At a subsequent press briefing on Wednesday, Carney added there could be possible trade restrictions imposed on China.

But some experts say most the documented cyberattacks have been linked to Eastern Europe, with the remainder linked to the U.S. and only a handful to China.

“There are too many people right now saying, ‘the sky is falling,’ without proposing cost-effective solutions, which is causing a lot of confusion,” said James Hendler, professor of computer science at Rensselaer Polytechnic Institute in Troy, New York, IB Times reports.