Archive for February, 2010

Chinese Educational Institutions attack US Companies

February 25th, 2010

In a startling revelation, recent attacks on Google and other premier companies in the US have been tracked back to America’s old rival China. Of the two institutes involved, one is believed to have strong ties with a group called People’s Liberation Army (PLA), which has close ties with the Chinese military. With this, there is a lot of rumor floating in the air that the attacks were carried out by the Chinese government. The news item was published in The New York Times today.

Although the American companies have discovered them only now, it is generally believed that the attacks were discovered during the beginning of April last year. The primary purpose of these attacks was to steal trade secrets and computer codes. There is a strong possibility that the malicious attackers could have had access to Google’s system for more than 8 months, which is shocking.

There hasn’t been any statement issued by China in this matter, but in previous such instances the Chinese government has said no to involvement in any kind of attack. Due to this attack, Google has even threatened to censor results on the Chinese search engine.

According to the NSA (National Security Agency), these attacks have been linked to the class of a professor from Ukraine who was teaching computer science to vocational school students at the Lanxiang School. It is generally believed that the school is grooming students as scientists who can work for the military. The computer network at the school is run by Google’s top competitor Baidu.

On the opposite side of the spectrum, experts give mixed views. One school of thought says that the ‘School’ is being intentionally used as a cover identity. Then there are people who think that the operation has been carried out by another country in the name of schools in China.

According to James C. Mulvenon, a Chinese military specialist and a director at the Center for Intelligence Research and Analysis in Washington D.C., “We have to understand that they have a different model for computer network exploit operations by the Chinese government volunteering as patriotic hackers to support their policies.”

The other school caught in the thick of things is the Shanghai Jiaotong School. In fact, Jiaotong is popularly recognized as one of the best centers in the world for computer science studies. The bright students at the school have also defeated Stanford & Moscow students to win the Battle of the Brains programming contest held by IBM in Harbin, China. A professor at the school said, “I believe there are two types of situations. One is it’s a completely individual act of wrongdoing, done by one or two geek students in the school who are just keen on experimenting with their hacking skills learned from the school, since the sources in the school and network are so limited. Or it could have been done by one of the university’s IP addresses was hijacked by others, which happens frequently.”

Staying safe with Alertsec

Alertsec Xpress offers computer security software from Check Point as a fully customizable and pre-packaged data encryption software solution. Our encryption software protects you in just a few minutes.

Security Updates are Signs of Insecurity

February 21st, 2010

Mainstream software providers continually add security updates to their programs. While the practice is common and ensures that end users are protected from the latest threats and exploits, it highlights a scary truth: most computer software relied on every day by businesses and individuals isn’t secure. The fact that computer programmers constantly need to provide updates is yet another reminder of just how dangerous technology can be.

Unfortunately, it’s not just specialized software which requires security updates. Microsoft’s Windows operating system is infamous for having weekly, if not daily, security upgrades. Security vulnerabilities are just as common with computer programs like Firefox and Adobe. Organizations need to be aware of the risks created by technology and invest in additional computer protection solutions.

A Security Update’s Hidden Message

It’s not unusual to log into your computer and have a security update window pop up, prompting you to install the latest version of some software. These updates, which are created by software developers, patch any recent security holes that have been discovered and upgrade the code to be more secure. At first glance, these events seem innocent: it makes sense for software to evolve in order to always beat new threats. However, the frequency of these updates reveals a scary truth: most computer applications can be exploited by hackers and aren’t as secure as you’d like them to be.

As anyone who uses Microsoft’s Windows OS can attest to, even well-protected and reputable technologies often have mandatory security updates. The sad reality is that, in many cases, the security patch is developed only after an exploit is discovered by a cyber intruder. For example, Google’s infamous security breach revealed fatal coding errors in Microsoft’s Internet Explorer browser. In response, Microsoft rushed to release an emergency patch which fixed the problem.

Unfortunately, security patches are rarely a final solution. Software developers have to continually look for ways by which outsiders could manipulate their code to infiltrate a computer’s defenses. Sadly, in most cases, third parties end up finding the security flaws first. This is shown perfectly with Microsoft’s “quick fix” to solve the vulnerabilities in IE: a few days after the patch’s release, a security company claimed that the browser was still an easy target for hackers and full of possible exploits. Microsoft’s only response was a generic PR statement:

Microsoft is investigating a responsibly disclosed vulnerability in Internet Explorer. We’re currently unaware of any attacks trying to use the vulnerability or of customer impact, and believe customers are at reduced risk due to responsible disclosure. Once we’re done investigating, we will take appropriate action to help protect customers.

Additional Protection is Required

Organizations that seek to protect their digital assets, which include proprietary information and customer data, can’t rely on the software they use to be impenetrable. The flow and amount of security updates show that companies need to invest in additional measures to protect their computers. Encryption software, such as the Alertsec Xpress full disc encryption service we offer, adds that extra layer of security and helps defend your machine when the software you use fails.

Further Reading
Microsoft releases emergency Internet Explorer patch [The Telegraph]
Internet Explorer ‘hit with new set of security flaws’ [The Telegraph]

Computer Systems at 2500 Companies Hacked

February 18th, 2010

In a high-profile security breach, malicious hackers have penetrated more than 75,000 machines in 2500 companies across the US & the rest of the world. Not only have they breached security, but they have also obtained access to confidential data from commercial and government entities across the globe.

According to the security firm NetWitness, the attacks have compromised the login credentials of over 68,000 accounts, revealing the new banking site information. Raising serious eyebrows about the type of computer security software, the report mentioned a “dangerous new ZeuS botnet (a malicious programme)”.

Apparently, the Zeus botnet tool kit allows criminals to infect and remotely control users’ PCs. The Zeus tool kit can be purchased on the payment of some dollars. Swiss anti-spam activist Roman Hüssy operates the ZeusTracker website, which keeps watch on several Zeus control servers that are used by various gangs of criminals.

Alex Cox, who works at NetWitness & uncovered Kneber, said, “When we detected the correlation between the methodology used by the Kneber crew to attack victim machines and the wide variety of data sets harvested, it became clear that security teams must rethink their entire perspective on threats such as Zeus.”

Kneber is described as a command-and-control botnet system based on the ZeuS Trojan, built on the older 1.2 version of Zeus. First discovered in January, the malicious programme collects login credentials for online financial systems, social networking sites like Facebook & corporate email systems from infected computers and reports the information to miscreants.

NetWitness CEO and former Director of the National Cyber Security Division Amit Yoran said that cyber criminals like the Kneber crew target and compromise thousands of government and commercial organisations globally.

The unaware employees were caught on the back foot when they downloaded the hacked software from sites which were administered by the hackers. They were baited into opening emails which contained these infected attachments.

According to Yoran, “Because they’re using multiple bots and very sophisticated command and control methods, once they’re in the system, even if you whack the command and control servers, it’s difficult to rid them of the ability to control the users’ computers.”

According to the WSJ, there were many companies hit by this attack, including Cardinal Health, located in Dublin, Ohio, and Merck. Once the infected computers were identified, they were immediately removed from the network. Educational institutions, energy firms, financial companies, internet service providers and even government agencies were also penetrated.

In a statement issued by the security firm, the scope of these attacks scaled across the United States, Saudi Arabia, Egypt, Turkey and Mexico.

To help keep your business data protected in an effective way, explore our secure encryption software solutions. Unlike competitors, our software won’t be hacked and it provides an independent layer of encryption. Try a free 30-day trial now!


Organizations Need to Comply With Strict Data Regulations

February 16th, 2010

If you were thinking that you could get away with unstructured ways of storing data, think again :)

In a couple of months’ time, i.e. from April onwards, we are going to witness stringent regulations under the DPA (Data Protection Act). The new rules would mean strict enforcement of compliance in data storage and management:

  1. If you don’t live up to the benchmark of data management/security, the monetary implications would scale up to 5,00,000 Euros in penalty.
  2. In addition, there is also a possibility of a 12-month ban being handed out to those who fail to manage the data properly.

At Alertsec, we have been constantly focusing on data security and we think it is a fantastic move, especially considering the chain of events at ING, Ceridian and many other corporations where there has been tremendous data loss. In fact, there was a case involving HSBC, where they were fined $3 million; the data involved contained the personal information of thousands of customers.

According to an executive, ‘When a high profile company or government organization loses some important data and gets penalised for it, that is when you will see other firms start to take notice.’

The key issue is the negligence shown on the part of organizations towards data security and management methods. While the organizations are aware of these standards, they were a bit careless about these incidents. But now, with penalties being imposed, they would want to treat data security with caution.

Cost is a concern for a variety of customers, but in the end they need to realize that there is a variety of solutions available in the market to meet their respective needs. In other words, it doesn’t necessarily need to be a high-end security solution. It has to be something that matches the checklist for meeting security compliance.

As proponents of Computer Security Software, we feel that a customer should always be educated about the correct choice of product. Not only that, if there are any changes in regulations and laws which govern the data storage techniques, the customer should be always made aware about the same.

If you read the Channel Web magazine’s latest article on this subject, you would agree that their suggestions are very well reflected in our approach:

  • Keep yourself updated with new and old laws that have an impact on the customer’s business or their data
  • Always keep the customers in the loop about the new penalties
  • Ensure your products are upgraded to match the security standards
  • Consult domain experts and make appropriate recommendations to the customers for meeting security compliance

Primarily, organizations need to adopt a multi-pronged approach to manage their data security. For example, if you are talking about a USB disk, then you need to ensure that it is encrypted correctly. Having said that, encryption isn’t a complete firewall. While it would ensure protection to some level, there needs to be an extra layer. That extra protection could simply be the physical protection of your USB disk.

http://www.alertsec.com/index.php?page=ov_data_security

ING Compromises Customer Data

February 14th, 2010

Millions of people use search engines like Google to access all sorts of information every day. It’s become a common practice for users to search their names to see what comes up.

Imagine doing that and seeing your personal information show up in the search results, available for anyone to see. Everything including your address and social security number would appear. A security breach by the Internationale Nederlanden Groep (ING), a worldwide financial service provider, made this horror a reality for 106 of its customers. Though the file which hosted the compromised data has since been removed, the repercussions of the breach are still largely unknown.

Investigating the Breach

A filing [PDF] from the company to the New Hampshire Attorney General’s Office explained:

On January 25, 2010 a customer alerted her securities broker to the fact she was able to access customer information through the ingfunds.com website. An electronic file containing customers’ personal information was inadvertently made accessible through the ingfunds.com website due to an isolated error, which has been resolved. The file was mistakenly posted to the website in August 2008. The error was quickly detected and the ability to access the file via link on the website was removed. The file, however, remained accessible through a specific search conducted via a web search engine. The file included the name, address, account number and social security number for 106 shareholders.

It’s remarkable that ING stored the private details of some of its customers in a file that wasn’t encrypted or even hosted on a private server. What’s really striking as dangerous is the fact that accessing this information wouldn’t require any complicated hacking: a clever search engine user could stumble on the social security numbers and do untold damage! Customers of financial institutions deserve a higher class of service; organizations like ING have a responsibility to ensure that the information they’re entrusted with remains well-protected.

Next Steps and Lessons for ING

While poor data security is hard to forgive, ING has acted quickly to resolve the issue and has done everything possible to help the customers affected. On top of alerting the authorities in a timely manner, the company has conducted investigations into each customer’s account and announced that no suspicious activity had occurred. As an additional apology, ING offered a free year of credit monitoring and fraud coverage to the 106 customers to help prevent the future risk of identity theft.

Unfortunately, ING can’t get rid of this embarrassing situation that easily. Mainstream media will pick up the story and will end up damaging the business’s reputation and brand image. Moreover, the error may be a lot more serious than the company realizes. It’s very likely that a number of the 106 victims will leave ING and take their business elsewhere. Some may even sue the company, especially if they incur damages due to the security breach. Identity theft may have already happened; sometimes it takes a while for the crime to be noticed. Even the Attorney General may end up imposing a fine for irresponsible business practices!

Keeping customer data secure should be an imperative for any business organization. Companies need to protect private information to avoid all the problems that ING will have to deal with in the coming weeks and months. Had ING encrypted the files which contained personal user details and stored them on a private server, this debacle could have easily been avoided.

Further Reading
ING Fund client data exposed on the web for 18 months [Office of Inadequate Security]