Freedom, GEABSOLUTE POWERS CORRUPT ABSOLUTELY, General Election (GE15), Malaysia, Politics, polling Nov 19: Destroy Umno for the betterment of Malaysia, race, religion, Solidality, support Aliran for Justice

Share This

Showing posts with label Computer security. Show all posts
Showing posts with label Computer security. Show all posts

Sunday, 9 June 2013

Malware, ransomware attacks are a growing threat to computer and mobile phone!

FORGET pickpockets or thieves. The biggest threat to your smartphone now is kidnappers cyber “kidnappers” that is, with their Ransomware.

As the name suggests, ransomware is a malware (malicious software) that will keep your phone or computer a prisoner until you pay a ransom. Only when the specified amount of money is paid will you be able to “free” your device and access data or information.

Although it is not new ransomware is said to originate from Russia in 2005 and has been attacking many computers worldwide since the Symantec Corp Internet Security Threat Report (ISTR) Volume 18 revealed that ransomware is emerging as the malware of choice because of its high profitability for attackers.

Luckily, says Symantec Malaysia's senior technical consultant David Rajoo, to his knowledge, no cases have been reported here yet.

“However, as the worldwide web has no boundaries and with increasing broadband penetration and as more users are accessing the Internet, Malaysia is certainly exposed to the Ransomware threats,” he says.

Infected machines display messages which demand payment in order to restore functionality. - David Rajoo Infected machines display messages which demand payment in order to restore functionality. - David Rajoo
Rajoo points out that awareness is key to combat ransomware threat.

As the report highlights, attackers are using deceptive links and poisoned websites to infect unsuspecting users with malicious software and lock their machines.

“The attackers, many of them cybercriminal organisations, then hold users' machines for ransom. Infected machines display messages which demand payment in order to restore functionality,” he tells.

Recent attacks have also displayed images that impersonate law enforcement.

Consumers on the Android platform are most vulnerable to ransomware and mobile threats, says the report.

Last year, mobile malware increased by 58%, and 32% of all mobile threats attempted to steal information, such as e-mail addresses and phone numbers.

Although Android has fewer vulnerabilities, its threats are higher than any other mobile operating system. Its open platform and the multiple distribution methods available to distribute malicious apps make it the go-to platform for attackers, adds the report.

With malware growing sophisticated every day, Rajoo adds, a mix of intelligence-based technologies can provide optimal security to stop new and unknown malware.

To avoid getting infected, ensure the device's software and anti-virus definitions are up to date, and avoid suspicious sites, Rajoo advises.

“We also advise users to use more than antivirus for protection. We recommend using advanced reputation security which provides layered defence. Use more than just Antivirus use a full functionality solution which includes heuristics, reputation-based, behaviour-based and other technologies,” he says, stressing that a key strategy is to fend off threats before they infiltrate your computer system.

Symantec Malaysia's Systems Engineering director Nigel Tan agrees that stopping the threat at the gate is important as cyber criminals continue to devise new ways to steal information from organisations of all sizes.

Staying ahead of attacks

“The sophistication of attacks coupled with today's information technology complexities require organisations in Malaysia and globally to remain proactive and use “defence in depth” security measures to stay ahead of attacks,” he added.

According to the annual ISTR which analyses the year in global threat activity, Malaysia was ranked 35th on its global Internet security threat profile in 2012.

As it highlights, there was a 42% surge last year in targeted attacks globally compared with the prior year.

These targeted cyberespionage attacks, designed to steal intellectual property, are increasingly hitting the manufacturing sector as well as small businesses, which are the target of 31% of these attacks.

Small businesses are attractive targets themselves and a way in to ultimately reach larger companies via “watering hole” techniques.

In a watering hole attack scenario, attackers compromise a carefully selected website by inserting an exploit resulting in malware infection. Through the compromised website, the attackers will target victims who visit the compromised site and take advantage of their software vulnerabilities to drop malware that will allow them to access sensitive data and take control of the vulnerable system.

As Symantec alerts, 61% of malicious websites are actually legitimate websites that have been compromised and infected with malicious code.

Business, technology and shopping websites were among the top five types of websites hosting infections. The shift of focus from government websites indicates an increase in attacks targeting the supply chain cybercriminals find these contractors and subcontractors susceptible to attacks and they are often in possession of valuable intellectual property.

The attack uses the security weaknesses in the supply chain specifically the small businesses to gain access into larger and more secured companies, adds Symantec.

Case in point is that those in sales became the most commonly targeted victims last year.

Another growing source of infections on websites is malvertisements this is when criminals buy advertising space on legitimate websites and use it to hide their attack code.

Tan urges organisations to continue to take proactive initiatives to secure and manage critical information from a variety of security risks, especially targeted attacks in the manufacturing and small business sectors, mobile malware, and phishing threats.

By HARIATI AZIZAN sunday@thestar.com

Tuesday, 1 May 2012

Dangers of U.S. Export Control Law & the Cybersecurity Market

Andrew Bigart

This article examines the export controls applicable to the field of cybersecurity, an increasingly global industry in which U.S. companies sell their products and services to multinational companies, U.S. agencies with overseas operations, and even foreign governments, when permitted. The cybersecurity market – both public and private – hit $60 billion in 2011 and is expected to increase steadily over the next several years. Indeed, cybersecurity is one of the few defense “growth” areas to buck recent U.S. budget cuts.

As U.S. companies continue to expand in the market, however, so too does the risk of non-compliance with the confusing web of U.S. laws and regulations that govern export-related activities. U.S. law places the burden of complying with export controls and economic sanctions squarely on U.S. companies and their officers and employees. The cybersecurity industry is no exception, and may be particularly vulnerable to government scrutiny given the strategic need to protect U.S. technological advantages, critical infrastructure, and access to confidential information. In this regard, violating U.S. export laws can result in criminal law enforcement actions, jail time, and significant fines and penalties, including debarment from federal contracting.

U.S. Export Controls

The U.S. government maintains a complex set of regulations that govern the export of goods – including technology, software, and technical data – to foreign countries and specified foreign entities and individuals.

The State Department’s Directorate of Defense Trade Controls (DDTC) regulates the export of defense articles, related technical data, and defense services listed on the United States Munitions List (USML) through the International Traffic in Arms Regulations (ITAR). All manufacturers, exporters, and brokers of defense articles, related technical data and defense services are required to register with DDTC. Registration with DDTC is a prerequisite to applying for export licenses.

The Department of Commerce’s Bureau of Industry and Security (BIS) regulates anything that is not listed on the USML, including the export of commercial and dual-use commodities, software, and technology through the Export Administration Regulations (EAR). Both DDTC and BIS regulate exports depending on an item’s technical characteristics, destination, end-user, and end-use. In this regard, cybersecurity products and services present a challenge because the exports may contain a mixture of different software, encryption functions, and controlled technical information.

Finally, although not the focus of this article, it’s import to note that the Department of Treasury’s Office of Foreign Assets Control (OFAC) enforces trade embargoes and economic sanctions against specific countries (Cuba, Iran, North Korea – you get the picture) and individuals and entities (terrorists, narcotics traffickers and other bad guys). OFAC publishes the names of these ne’er-do-wells in the “Specially Designated Nationals” or “SDN” list. (BIS also maintains several lists of prohibited persons). Together, the Commerce and State export controls and OFAC sanctions programs are designed to protect U.S. foreign policy interests and to prevent U.S. persons from doing business with the wrong types of customers.

Classifying Cybersecurity Products and Services for Export Purposes

Whether an export license or other authorization is required for the export of a cybersecurity product is a fact-specific determination that includes a review of the items or services being exported, the destination, end-user and end-use. Given the complexity in classifying cybersecurity-related items, many companies request commodity jurisdiction determinations from the export agencies for guidance on whether their products are properly classified under the DDTC or BIS frameworks. These determinations, which are published, in part, by DDTC and BIS, highlight the breadth of USML and EAR classifications that potentially cover cybersecurity products and software. For example, DDTC has advised that a company’s “Customizable USB thumb drive that conducts targeted searches of digital assets for critical files” is classified under the USML section XI, which covers military electronics, as are certain military-grade GPS and cryptography products.

On the other hand, data manipulation software that uses Security Socket Layer (SSL) encryption usually qualifies for BIS’s “Mass Market Encryption” exception for items classified under Export Control Classification Numbers 5A992 and 5D992. This exception allows certain “publicly available” software to be exported to most countries without a license if the exporter registers with BIS by obtaining an Encryption Registration Number.

Moreover, both DDTC and BIS regulations define an export as including the disclosure (orally or visually) of technical information or software to a foreign person. Thus, a “deemed export” takes place when technology or software is released to foreign a person or national for visual inspection (such as reading technical specifications, plans, blueprints, etc.); when technology is exchanged orally with a foreign person or national; or when technology is made available by practice or application to a foreign person or nationals under the guidance of persons with knowledge of the technology. Depending on the nature of the technology and the country to which the technology is disclosed, releasing technology to a foreign person or national may require an export license (or in the case of ITAR possibly a Technical Assistance Agreement, depending on the individual circumstances).

Why Should The Cybersecurity Industry Care?

As the importance of cybersecurity has grown from a national defense perspective, so too has the U.S. government’s focus on regulating the export of sensitive technology. A number of recent U.S. government enforcement actions involve U.S. persons selling software, encryption products, and other cybersecurity related information abroad:
  • In 2010, a resident of China was sentenced by a federal court to serve 96 months in prison for his efforts to obtain sensitive encryption, communications, and global positioning system equipment without a DDTC license.
  • In 2009, a U.S. national working for Technical Integration Group was sentenced to six years in prison and paid $1.1 million for exporting mobile telecommunications equipment containing encryption properties to Iraq, in violation of the then U.S. embargo on Iraq.
  • In 2008, two companies paid administrative penalties to settle BIS allegations that the companies exported U.S.-origin engineering software to Iran and to companies on the BIS Entity List without the required licenses.
  • In 2002, Neopoint Inc. paid a $95,000 civil penalty to settle charges that it unlawfully exported 128-bit encryption software to South Korea.
The consequences for non-compliance with U.S. laws overseas are severe and can include large monetary fines per violation for businesses, and similar monetary fines and imprisonment for individuals. On top of that, in cases of significant violations, the consequences can include a denial of future export privileges and federal contract debarment, which is particular onerous for cybersecurity companies dependent primarily on business from U.S. government contracts.

What Can My Company Do To Minimize Risk When Selling Abroad?

The first step in minimizing export-related risk is to understand the nature of your business and potential customers, including the who, what, and where of every export transaction. The U.S. government expects companies that export to inform themselves of the facts of any export transaction and exercise reasonable care in complying with applicable U.S. export requirements. This process requires companies to determine the appropriate export classifications for their products and services. If any of your products or services falls under the USML, then you must register with DDTC as a manufacturer, exporter, or brokerer.

The next step is to develop a compliance plan that is tailored to your company’s specific export needs. A compliance plan should address, at a minimum, the following:
  • Overview of applicable laws;
  • A list of prohibited activities and employee responsibilities;
  • Regular compliance training for employees;
  • Required checking of all business partners and customers against OFAC’s SDN list on a transactional basis;
  • Rigorous internal financial and audit controls to monitor export and FCPA compliance; and
  • Required due diligence on all agents or independent contractors and required written contracts with export, economic sanctions, and FCPA prohibitions and certifications.
Finally, under U.S. law, exporters that become aware of – or should be aware of – “red flags” are required to resolve them before proceeding with a transaction. Monitoring the activities of your business partners overseas is particularly important because the conscious avoidance of knowledge of wrong doing is not a defense. Typical red flags include:
  • Transactions with incomplete information regarding end users, country of origin or destination;
  • Exportation of products that do not not fit the buyer’s line of business;
  • Unusual contract terms, payments in cash, or requests for high commissions;
  • Direct or indirect payments to government officials or their families or payments to persons outside the normal scope of a transaction;
  • Payment for travel, lodging, or business expenses or extravagant gifts or entertaining of government officials or their families; and
  • Consultants who are connected with a foreign government or political party.
What if a Potential Violation Arises?

Unfortunately, for some companies the legal risks of doing business abroad are not apparent until something goes wrong. If you discover questionable business practices regarding your export-related activities, stop the conduct in question immediately and report the activities to your company’s compliance officer. If your company finds itself in such a position, consider the option of a voluntary disclosure. Each of the agencies discussed above – Commerce, State, and OFAC – maintain procedures that encourage companies to self-report violations under certain circumstances. Although these programs do not allow companies to evade liability completely, they do offer reduced penalties and other incentives.

Conclusion

There is no doubt that the export market for cybersecurity products and services remains an attractive and growing market for U.S. exporters. Before taking the leap overseas, however, take the time to review and understand your company’s responsibilities under U.S. export control and economic sanctions. An ounce of prevention in this regard goes a long way in keeping your business profitable and out of trouble.

Eric Savitz, Forbes Staff  -  Guest post written By Andrew Bigart
Andrew Bigart is an associate with Venable LLP, a Washington-based law firm.
Newscribe : get free news in real time   

Related posts:
 Washington seeks to extend hegemony to trade

Thursday, 4 August 2011

Cyber crooks target gamers; E-gambling dens menace, raid in Penang, etc



Cyber crooks target gamers

 By P. ARUNA  aruna@thestar.com.my

SERI KEMBANGAN: Cyber crooks have now set up fake gaming sites to steal information from Internet surfers.

They are also stealing personal information from online gamers and selling virtual gaming items like weapons to other players.

Cybersecurity Malaysia, which is an agency under the Science, Technology and Innovation Ministry, said cyber criminals were targeting gaming websites and had spread their wings to Malaysia, with five cases reported so far.

“Gaming websites have already become a lucrative business for cyber criminals in South Korea and China,” said Cybersecurity Malaysia vice-president (cyber security responsive services) Adli Abd Wahid.

Gamers are spending more money on online gaming, purchasing battle tanks', avatars' and other virtual gadgets and tools needed to advance to higher levels of a certain online game.

“Cyber crooks can steal the usernames and passwords of users who have advanced to a certain level in a game, and sell the account to buyers who want to continue playing the game from that level.”

Adli said that since many gamers preferred not to waste time starting from the lowest levels, they were willing to buy from cyber crooks.

The crooks could also steal the virtual weapons and gadgets from compromised accounts and sell them to other players.

Adli estimated that 99% of phishing websites targeting Malaysians were created and operated overseas, with foreign syndicates often hiring locals as “money mules” to transfer stolen money to foreign bank accounts.

The number of phishing sites detected in Malaysia rose from 634 cases in 2009 to 1,426 reports that were lodged last year.

IDC Market Research (M) Sdn Bhd associate analyst Devtar Singh said there were currently an estimated 7.3 million online gamers in Malaysia.

International anti-phishing service provider Internet Identity (IID) reported that the attacks were expected to rise with the global online gaming industry generating over US$15bil (RM44bil) annually, making it a strong target for criminals.
-->

Residents: End the game for e-gambling dens

By ELAN PERUMAL and STUART MICHAEL  newsdesk@thestar.com.my

PETALING JAYA: Action must be taken against operators of e-gambling dens because addiction to gambling is making families suffer, said Women, Family and Community Development Deputy Minister Heng Seai Kie.

Her ministry had received numerous complaints from women, especially mothers and wives, on the negative impact caused by such gambling dens.

They complained how family members had became addicted to gambling due to the existence of these premises near their homes.

Heng said the mothers complained that their children’s studies were badly affected by the addiction to gambling.

“The wives also told us that their husbands frequent such premises and lose their earnings at the cyber casinos,” she said.

Heng said she had received feedback that the number of illegal casinos were mushrooming in the Klang Valley, especially Selangor.

She urged the state government to act against this illegal activity.

Meanwhile, resident associations (RA) called for sterner action against the cyber casinos.

Aman Suria RA pro-tem chairman Wendy Chan said the lack of consistency among the local authorities had led to the mushrooming of the illegal cyber casinos.

While acknowledging the authorities did take action against the illegal e-gambling dens, Chan said their actions were not effective.

“The best way is for the local authorities to closely monitor and carry out regular checks.’’

Damansara Jaya RA president Datuk Hew Cheng Hoe said it was impossible for the residents associations to act on the complaints against the illegal activity.

“I believe the authorities will do the necessary to stop the illegal operators,’’ he said.

Bandar Country Homes RA president Soong Beng Khoon said the authorities should also go after those who supplied equipment to these illegal gambling centres.

He added that these casinos were popular as they were strategically located in residential areas.

Taman Rawang Perdana 2 RA chairman Ong Siew Hong said there were many cybercafes in his area and some youngsters, who initially played for fun, eventually become addicted.

“This has become a social problem and the authorities must view it seriously.”

 E-gambling menace

Stories by M.KUMAR and AUSTIN CAMOENS

Under control: A police officer securing the area during a raid on gambling dens in Gombak, Selangor.

KUALA LUMPUR: Many people, including schoolchildren, are losing millions of ringgit monthly at e-gambling dens.

The cyber casinos attract customers by offering a variety of gambling games from mahjong and roulette to virtual slot machines.

The premises are sparsely furnished. Rows of computers line the space and customers are seen glued to the screens.

Bets start from as low as 25sen to as high as the participant wants. There have been cases where players bet thousands of ringgit for one hand of Blackjack.

EO for cyber crooks
PETALING JAYA: The Emergency Ordinance (EO) will be used against operators of illegal cyber casinos who have been raking in millions of ringgit monthly.

The police, however, face a setback because the gaming servers are located overseas, making it difficult to nab the culprits.

Other developments:

> The Selangor and Kuala Lumpur Cybercafe Owners Association has come up with an integrated approach to rebrand the industry and educate members;

> Selangor Government slammed over inaction against such operators; and

> Habitual gamblers say they are attracted by the low bets offered.

13 held in Penang after cyber raid

By TAN SIN CHOW sctan@thestar.com.my

GEORGE TOWN: Police have detained 13 caretakers and workers of cybercafes which are believed to be fronts for illegal online gambling.

During an operation code-named Ops Dadu, the police also seized 128 computer sets from 13 cybercafes throughout the state.

State CID chief Senior Asst Comm (SAC) Zahruddin Abdullah said the 13, mostly caretakers in their 20s and 30s, were nabbed during a five-hour operation which ended at 1am.

Gambling gadgets: George Town CID chief Deputy Supt Shahurinain Jais showing some of the seized items at Datuk Keramat police station in Penang Thursday. Aug 4, 2011
 
Most such premises were found in central Seberang Prai and George Town districts.

SAC Zahruddin said police had intensified their raids on online gambling dens with 4,440 computers and gambling machines seized in the first six months of this year.

He added that 1,150 raids were also carried out with 440 arrests made.

“The statistics show the number of raids, arrests and seizures have increased tremendously compared with last year and 2009.

“Constant raids have been carried out but the problems still persist. We will continue with our efforts,” he said during a press conference at the state police headquarters here yesterday.

Police made 759 and 434 arrests in 2009 and last year respectively.

They had carried out 1,045 raids in 2009 and 1,339 last year.

SAC Zahruddin said there were hundreds of cyber cafes in Penang with a large number being run without licences from local authorities.

He added that many operators were also caught abusing licences obtained from local authorities by running online gambling in their premises.

“We have problems tracking down the masterminds as most of the time those who look after the premises are foreigners.

“The operators have hi-tech tools. With only the press of a button, computers in the premises will be switched off.

“This makes it even harder for us to establish a case against them.”

When contacted, Penang municipal councillor Iszuree Ibrahim said cybercafe operators who run online gambling activities had never applied for licences from the Penang Municipal Council.

He said only 17 out of hundreds of cybercafe operators on the island were given licences.

“We are only able to issue summonses to the perpetrators but this will not deter them from carrying out such activities at their premises as they are raking in millions of ringgit annually.”

Related Stories:
Stakes up for casino bosses
A sure bet there's a game for every gambler
MCA: Raid cyber casinos regularly

Related Stories:
Cybercafes and shoplots turned into million-ringgit gambling dens
Selangor police struggle to get rid of gambling dens
Syndicates use high-end security to watch out for police raids

Wednesday, 27 April 2011

Cyber crooks target gamers

By P. ARUNA aruna@thestar.com.my




SERI KEMBANGAN: Cyber crooks have now set up fake gaming sites to steal information from Internet surfers.

They are also stealing personal information from online gamers and selling virtual gaming items like weapons to other players.

Cybersecurity Malaysia, which is an agency under the Science, Technology and Innovation Ministry, said cyber criminals were targeting gaming websites and had spread their wings to Malaysia, with five cases reported so far.

“Gaming websites have already become a lucrative business for cyber criminals in South Korea and China,” said Cybersecurity Malaysia vice-president (cyber security responsive services) Adli Abd Wahid.

Gamers are spending more money on online gaming, purchasing ‘battle tanks’, ‘avatars’ and other virtual gadgets and tools needed to advance to higher levels of a certain online game.

“Cyber crooks can steal the usernames and passwords of users who have advanced to a certain level in a game, and sell the account to buyers who want to continue playing the game from that level.”

Adli said that since many gamers preferred not to waste time starting from the lowest levels, they were willing to buy from cyber crooks.

The crooks could also steal the virtual weapons and gadgets from compromised accounts and sell them to other players.

Adli estimated that 99% of phishing websites targeting Malaysians were created and operated overseas, with foreign syndicates often hiring locals as “money mules” to transfer stolen money to foreign bank accounts.

The number of phishing sites detected in Malaysia rose from 634 cases in 2009 to 1,426 reports that were lodged last year.

IDC Market Research (M) Sdn Bhd associate analyst Devtar Singh said there were currently an estimated 7.3 million online gamers in Malaysia.

International anti-phishing service provider Internet Identity (IID) reported that the attacks were expected to rise with the global online gaming industry generating over US$15bil (RM44bil) annually, making it a strong target for criminals.