Twitter

Apple, Facebook, Twitter hacks said to hail from Eastern Europe

February 21st, 2013

While many security experts have been pointing the blame at China for the recent wave of cyberattacks on U.S. companies and newspapers,Bloomberg reports that some of the malware attacks actually may be coming from Eastern Europe.

Investigators familiar with the matter told Bloomberg they believe a cybercriminal group based in either Russia or Eastern Europe is carrying out the high-level attacks to steal company secrets, research, and intellectual property, which could then be sold on the black market.

Evidence that the attacks may be coming from Eastern Europe is the type of malware being used by the hackers, which is more commonly used by cybercriminals than by government spying. Also, investigators have tracked at least one server being used by the hackers to a Ukrainian hosting company.

Roughly 40 companies have been victims of cyberattacks over the past several months. These companies included tech businesses, such as Apple, Facebook, and Twitter, and newspapers, such as The New York Times, the Wall Street Journal, and the Associated Press.

Apple announced today that hackers targeted computers used by its employees, but that “there was no evidence that any data left Apple.” In a statement, the company said it discovered malware that made use of a vulnerability in the Java plug-in, and that it was sourced from a site for software developers. Apple blocked Java from some of its Macs late last month using its XProtect antimalware tool and citing security vulnerabilities.

A report by The New York Times yesterday claimed that an “overwhelming percentage” of the cyberattacks on U.S. corporations, government agencies, and organizations came from an office building in Shanghai with ties to the People’s Liberation Army. These allegations remain unconfirmed and flatly denied by Chinese authorities.

The hack on The New York Times itself was months long and included the theft of corporate passwords of Times employees, as well as spying on personal computers. The attacks on Facebook, Twitter, and Apple were a bit different in that reportedly only a small number of systems were infected and the hackers got in via the Java vulnerability.

This isn’t the first allegation of cybercriminals operating out of Eastern Europe. Security firm McAfee Labs published a report in December that warned of increasing attacks on U.S. financial institutions from Eastern European hackers. Dubbed Project Blitzkrieg, McAfee said the possible attacks would be done with a highly developed Trojan that could infect victims’ computers, plant software, and allow cybercriminals to steal information and money.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta

Twitter aiming to slash phishing e-mails sent from ‘Twitter.com’

February 17th, 2013

If you get an e-mail saying it’s from Twitter, the social-networking company wants to assure you that it’s really from Twitter and that there’s no need to worry that someone’s out to steal your password.

At least, it’s almost certain that the e-mail you just got from a Twitter.com address is not a phishing attack, the company said in a blog post today.

Twitter said it has adopted a new security protocol known as DMARC that was designed by a consortium in order to cut way down on phishing attempts.

DMARC solves a couple of long-standing operational, deployment, and reporting issues related to e-mail authentication protocols. It builds on established authentication protocols (DKIM and SPF) to give e-mail providers a way to block e-mail from forged domains popping up in in-boxes. And that in turn lessens the risk users face of mistakenly giving away personal information.

Twitter did not immediately respond to a request for comment about how big a problem these kinds of phishing attacks have been in the past.

In its blog post, Twitter said that all four major e-mail providers — Gmail, AOL, Yahoo Mail, and Hotmail/Outlook — have signed on to the DMARC protocol in an industrywide attempt to make e-mail just a bit safer by preventing messages that seek to pilfer users’ personal information from ever making it into their in-boxes.

Then again, in its blog post, Twitter said only that it’s “extremely unlikely that most of our users” will get phishing attacks purporting to be sent by Twitter. That leaves the company a little wiggle room in case the practice continues, or if the phishing community figures out a way to bypass the DMARC protocol and resume its nefarious work. After all, if there’s one thing that’s guaranteed to get hackers and bad actors looking for a way to keep doing their thing, it’s a public announcement that they’ve been neutered.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta

Twitter gives user data to U.S. 7 times out of 10

January 17th, 2013

Twitter gives government agencies in the United States at least some of the information they ask for on users 69 percent of the time.

That data and much more about how the social network responds to government requests for user information, as well as demands to remove tweets and reports of copyright violations was part of Twitter’s second so-called transparency report, which it issued today “in celebration of”Data Privacy Day. Google issued such a report today as well.

“We’ve been thinking about ways in which we can more effectively share this information, with an aim to make it more meaningful and accessible to the community at large,” Twitter wrote in a blog post. “We believe the open exchange of information can have a positive global impact. To that end, it is vital for us (and other Internet services) to be transparent about government requests for user information and government requests to withhold content from the Internet; these growing inquiries can have a serious chilling effect on free expression — and real privacy implications.”

In the report, Twitter said that, worldwide, it received 1,858 requests from governments for information about users in 2012, as well as 6,646 reports of copyright violations, and 48 demands from governments that content they deem illegal be removed.

Although Twitter has a responsibility to provide information on users as a result of official actions like subpoenas and court orders, the company has long taken the public position that it protects users’ privacy and anonymity whenever possible. For example, last August, the company fought police attempts in New York to get information on an Occupy Wall Street protester’s account, claiming that law enforcement did not adequately follow the Constitution’s safeguards against invasion of privacy.

“It’s our continued hope that providing greater insight into this information helps in at least two ways,” Twitter continued in its blog post: “first, to raise public awareness about these invasive requests; second, to enable policy makers to make more informed decisions. All of our actions are in the interest of an open and safe Internet.”

Privacy advocates seem to agree. In an email sent to CNET, the Electronic Frontier Foundation’s Trevor Timm lauded Twitter’s report and its attempts to maintain users’ freedoms and privacy. “I think this is the most detailed transparency report that we’ve seen from any Internet company and it should become a model for other companies, especially Facebook,” Timm told CNET. “Facebook is by far the largest social media site, yet has so far refused to release transparency reports to show us how much information the government is requesting and how much they comply.

“The first step in combating unreasonable government surveillance is information. And these transparency reports are vital in that fight. Cell phone carriers should start releasing them on a yearly basis as well.”

It will likely be interesting to many people to see how many times governments around the world ask Twitter to provide information about users in their countries, as well as how often the company decides it has no choice but to comply with those requests. The transparency report includes a section detailing “actionable” demands — meaning situations in which Twitter is legally responsible to provide what is asked for — from every country, as well as a second section focusing solely on the United States.

China is missing from the report, as Twitter is officially blocked there. And while there appears to be evidence that some Chinese are able to access Twitter, the company doesn’t have a responsibility to reply to that government, explained a Twitter spokesperson.

U.S. requests

From July 1 to December 31, 2012, Twitter said, it received a total of 1,009 requests for user information from 30 countries. Across the board, the company complied by providing some or all information demanded 57 percent of the time, covering a total of 1,433 user accounts.

Outside the U.S., Japan issued the most requests, asking Twitter for information on 75 users a total of 62 times. Yet Twitter complied just 5 percent of the time, it said. Brazil submitted 34 requests, covering 43 user accounts, and got some or all of what it was looking for 12 percent of the time.

By comparison, American government agencies were given at least some of what they were demanding in 69 percent of the 815 cases in which they asked, the report said. “As Twitter is based in San Francisco…the great majority of government information requests for user information we receive come from the United States,” the company wrote. “To increase transparency and insight, we’re introducing more in-depth details about these requests.”

According to the U.S.-only report, 60 percent of demands in the U.S. came in the form of subpoenas, while 11 percent were court orders, 19 percent were search warrants, and 10 percent were other official requests. Twitter said that in the cases of subpoenas, the requests “do not generally require a judge’s sign-off and usually seek basic subscriber information, such as the email address associated with an account and IP logs.”

Because of the Fourth Amendment to the U.S. Constitution, Twitter wrote, search warrants “typically require the most judicial scrutiny before they are issued, including a showing of probable cause and a judge’s signature. A properly executed warrant is required for the disclosure of the contents of communications (e.g., tweets, [and direct messages]).”

Twitter said that its general policy is to notify users when a government agency is demanding their information, “unless we are prohibited from doing so by law or in an emergency situation.” All told, it explained, less than 20 percent of cases involved such prohibitions issued “under seal.”

The EFF’s Timm said, “I don’t necessary blame Twitter for complying with valid subpoenas and warrants, since they are required to by law. It seems they have been vigilant in challenging unnecessarily broad legal requests. They only comply with 69 percent, while Google complied with 88 percent. And they’ve also written a detailed explanation of why they may not comply, and notify users whenever legally possible. The blame lies with the government for making so many warrantless requests and with Congress for not giving much of our electronic data more protection than just a subpoena.”

Added Timm, “It’s also great to see Twitter requires warrants for all content, despite [the Electronic Communications Privacy Act] not requiring it by law. It’s encouraging to see Google, Facebook, Microsoft, and Yahoo all come out and say this in the past week. The Fourth Amendment should protect the content of our email, just like it protects our physical letters and phone calls.”

Removal requests

Twitter has long held that its users have the right to post almost anything they want, as long as it isn’t illegal. But in some cases, it does respond when governments ask it to remove offending content.

According to the transparency report though, such cases are exceedingly rare. Between July and December, there were just 26 such court-ordered requests worldwide, Twitter said, and in just 5 percent of cases did it actually remove some or all of the content in question.

A recent situation involving a series of anti-Semitic tweets in France is one such case. And as a result, France’s removal requests were granted 100 percent of the time, the report detailed. But even so, that removal covered just 40 accounts, and only 44 individual tweets.

In the United States, by comparison, there were just two such requests between July and December.

Copyright takedowns

Although the parts of Twitter’s transparency report that are likely to get the most attention are the company’s responses to government officials for information on users, and the amount of offending content removed, it also contained interesting data on how often the company acted on demands that content posted to the social network contained copyright violations.

According to the report, Twitter received 3,268 take-down notices worldwide between July and December, and it’s agreed to comply with part or all of those requests 53 percent of the time.

Twitter said that when such requests are submitted, it notifies affected users. Among the types of media it has to remove as a result of these notices are “profile photos, header photos, background images, and Twitter-hosted media (e.g., pic.twitter.com).”

But Twitter also noted that it doesn’t comply with take-down notices for a number of reasons. In many cases, it said, such demands don’t supply adequate information for locating the allegedly offending content. And at the same time, it receives many “misfiled, non-copyright complaints” through its Web forms.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta