Internet user rights under attack like never before

April 21, 2013

Aaron Swartz was a bright young man dubbed an Internet activist that everyone liked and with a life full of promise. Unfortunately, he committed suicide in January, and his death understandably created a lot of stir in the internet community and in the blogosphere.

His numerous struggles with an antihacking law that took place in California, along with some of his actions, proved too much for Aaron to bear, and now a new film is about to be created in his honor.

However, the movie could have the unfortunate effect that the Internet and its users' rights could be under attack as never before, according to the creators of the documentary.

The movie, titled "War for the Web," traces the physical infrastructure of the Internet, from underwater cables to home routers, as a way to explain the story of what's behind the politicking over proposals like CISPA, Net Neutrality, and the Stop Online Piracy Act.

"People talk about internet security, about privacy, then they talk about regional duopolies like they're independent issues," said Cameron Brueckner, the film's director. "What is particularly striking is that these issues aren't really independent issues. They're ALL interconnected."

The filmmakers have completed no fewer than seventeen lengthy interviews, including what they say is the last extensive one that Swartz gave before committing suicide, and these have yielded about 24 hours of raw footage.

They plan to have a preview feature finished by the end of the year, and have already launched a fundraising campaign that ends May 1st.

Swartz, who was charged under the Computer Fraud and Abuse Act, faced a criminal trial that would have begun this month and the possibility of anywhere from five years to over a decade in federal prison for alleged illegal downloads of academic journal articles.

Swartz told the filmmakers last year, in an interview that took place after his indictment, that the U.S. government posed a more serious cybersecurity threat than hackers: "They cracked into other countries' computers. They hacked into military installations. They have basically initiated cyberwar in a way that nobody is talking about because it's not some kid in a basement somewhere. Because it's distorted that way, and because people talk about these fictional kids in the basement instead of government officials that have really been the issue, it ends up meaning that cybersecurity has been an excuse to do anything."

"Now, cybersecurity is important. I think the U.S. government should be finding these vulnerabilities and helping to fix them. But they're doing the opposite of that. They're finding the security vulnerabilities and keeping them secret so that they can abuse them. So if we do care about cybersecurity, what we need to do is focus on the debate not on these kids in a basement who aren't doing any damage, but rather on the powerful people, the people paying lots of money to find these security holes who then are doing damage and refusing to fix them," he added.

Overall, it was an eerily accurate prediction of how CISPA author Mike Rogers, a Michigan Republican, would defend his controversial cybersecurity legislation this week. During a contentious House Rules committee meeting, Rogers said opponents to CISPA were "a 14-year-old tweeter in the basement" -- prompting a flood of snarky responses on Twitter from adults who said they had serious constitutional and privacy concerns about his bill.

Naturally, CISPA is a controversial bill approved just two days ago by the House of Representatives that would authorize email and Internet providers to share certain confidential customer data with the U.S. federal government.

The vote came after a closed-door meeting of Rogers' House Intelligence committee last week that approved the bill in an unusual debate that took place in secret.

Rogers and his allies defeated a series of privacy-protective amendments, including one that would have required Homeland Security or other agencies to obtain warrants before searching a database of shared information for evidence of criminal activity.

Another unsuccessful amendment would have made Internet companies' promises to protect customer privacy legally enforceable. Also interviewed is Richard Clarke, a former White House cybersecurity coordinator and the author of "Cyber War".

"People really aren't paying attention to the way Internet-related legislation is being drafted," said War for the Web writer Michael Wooldrige. "We're ignoring CISPA. We're ignoring SOPA. These are all conversations now that are happening behind closed doors. We need to bring those to the public."

The one-hour documentary aims to tie them all together, said Brueckner, the film's director. "It's not so much that we're breaking it down by exploring each of these individual issues," he said. "We're looking at the through-line of how they're all related. We have to step back and look at everything."

Other topics in the movie include the Stop Online Piracy Act, or SOPA, an antipiracy measure that prompted an unprecedented public outcry last year based on fears it would jeopardize constitutionally protected online speech. The producers also plan to revisit the Net Neutrality debate, which is temporarily on hold because the FCC's regulations are being challenged in court as illegal. If the FCC loses, Congress would likely revisit the topic.

Swartz also told the filmmakers that he was concerned about private companies' effective ability to censor the Web. Mastercard and Visa cut off Wikileaks from receiving donations, he said, and "you can only imagine Facebook doing the same thing. Certain groups of people can't share things on Facebook-- that entire community gets shut down." He added: "It's terrifying to imagine what happens when our infrastructure is controlled by these private corporations that can then decide basic things like what we can talk about."

Most of the interviews are done for now, the producers said, including ones with Google's Vint Cerf, Rep. Ed Markey (D-Mass.), former government cybersecurity aide Richard Clarke, and Susan Crawford, a professor at Cardozo School of Law who's been talked about as a possible next chairman of the Federal Communications Commission.

Wooldrige said he would like to interview Rep. Darrell Issa, the California Republican who became a leading foe of SOPA. Ben Caspi, the film's director, said he plans "another round of production this summer." Then, once the last interviews are completed, "we'll transition straight to postproduction" with a scheduled release date of early next year.

In other internet security news

Cody Kretsinger, a twenty-five-year-old man from Decatur, Illinois, and a former LulzSec hacker, has been placed in federal prison for a year for hacking into Sony Pictures' servers.

Kretsinger was better known to his fellow LulzSec buddies as "Recursion" and was also ordered to carry out 1,000 hours of community service, and a year of home detention, following his release from prison.

He was sentenced by a Los Angeles court yesterday. Kretsinger had pleaded guilty to a single count of conspiracy and unauthorized impairment of servers in a plea-bargaining agreement.

Kretsinger admitted breaking into the Sony Pictures website and extracting information which he passed on to other members of LulzSec, who leaked the data in order to embarrass Sony, a hated enemy of the hacktivist group.

Sony claimed that the hack left it $600,000 out of pocket. Kretsinger was ordered to somehow repay this amount in restitution to Sony, the LA Times adds.

Earlier this month, a 26-year-old British man also pleaded guilty to computer hacking as part of LulzSec, a splinter group of mischief-makers from the larger Anonymous collective.

Ryan Ackroyd, from South Yorkshire, admitted taking part in attacks against numerous high-profile targets including Nintendo, News International, 20th Century Fox, Sony Group and the NHS. Ackroyd adopted the online persona of a 16-year-old girl named Kayla during much of his malfeasance.

Ackroyd and other convicted LulzSec suspects like Jake Davis, 20, from the Shetland Islands, Scotland, 18-year-old Mustafa Al-Bassam from Peckham, south London and Ryan Cleary, 21, from Wickford, Essex are all due to be sentenced on May 14.

Erstwhile LulzSec leader Hector Monsegur was revealed in March 2012 as an FBI informer who had been grassing on his former cohorts for ten months after his arrest in June 2011. Sabu's sentencing was delayed by six months in February due to his "ongoing cooperation with the government".

In other internet security news

Internet security researchers say they have discovered a whole list of new malware that targets the QUIK stocktrading application used by some banks and financial institutions.

The malware has been used in a series of attacks since November 2012, according to Russian security firm Group-IB. Cyber criminals have traditionally targeted private and corporate banking accounts, using malware such as variants of the ZeuS cybercrime toolkit to log key-strokes and extract account information from investors and traders.

This isn't new-- online stock trading and brokerage systems have been hacked a lot in the past, but attacks have been successful through fake profiles and social engineering scams.

Recently however, trading fraudsters have diversified tactics and begun to use malware, in an effort to defraud the public and steal money.

Particularly, professional black hat coders have designed a new strain of malware targeting specialized trading software called QUIK (Quik Broker, Quik Dealer) from Russian software developers ARQA Technologies and FOCUS I-Vonline from New York-based EGAR Technology.

Such software is used by many banks in the Russian Federation including Sberbank, Alfa-Bank and Promsvyazbank.

Both of the applications are used for trading on MICEX, a leading Russian stock exchange. MICEX offers services including placing and trading stocks, listing securities, and even the facility to set up initial public offerings (IPOs) or company flotations.

Exchange clients trade in stocks and shares issued by the likes of Gazprom, VTB Bank, RusHydro, Mobile TeleSystems, and a few others.

Andrey Komarov of Group-IB says that the online trading malware was a variation of the Ranbyus spyware normally used to infect Windows computers and target online banking customers.

"It has quite similar functions to Zeus, as it uses a VNC spawning module which helps the hacker to be connected to the infected computer absolutely remotely and to do his fraud in silence, that's why it won't be detected by anti-fraud filters, as the theft will happen from the same IP address," Komarov explained.

Worse, another Trojan virus, identified as Broker-J, also targets QUIK but uses other techniques instead, effectively stealing encryption keys from the QUIK storage and transferring them to cybercriminals, still using the same IP to avoid detection.

"The end customer should use standard methods of antivirus defense if he or she runs financial software on a personal computer which is connected to public networks," said Vladimir Kurlyandchik, head of business development at ARQA Technologies.

"People should use efficient internet security appliances and antivirus software, and also make use of firewalls. It is our standard recommendation," he added.

"In case of any suspicions of unauthorized access to an account the end user should immediately initiate the procedure of changing access keys, along with new user IDs and secure passwords," he added.

Kurlyandchik also stated that the QUIK platform incorporates several new technologies to help prevent unauthorized access, including two-factor authentication using either RSA SecurID tokens or SMS messages sent to a pre-registered phone, as well as other similar security devices.

"The securities broker now has a few and improved tools to monitor suspicious activity and to block access to the system from suspicious IP-addresses, hosts etc," he said.

In other internet security news

Since last week, many hosting providers have been reporting a huge increase in attempts to hack into blogs and content management systems, with WordPress implementations again bearing the brunt of the hackers' offensive. It's not the first time that WordPress blogs have been the subject of hacking attempts and it probably won't be the last.

Thousands of WordPress installations across the globe were hit by a brute force botnet attack, featuring several attempts to hack into blogs using a combination of popular usernames (eg, "admin", "myblog" and "user") and an array of unsafe passwords such as "god", "sex", "love" and "1 2 3 4 5".

Attacks of this type are commonplace-- it's the sharp rise in volume late last week to around three to four times the normal volume rather than anything technically devious that has set many alarm bells ringing all over the web.

Around 90,000 compromised servers have been attempting to break into WordPress websites by continually trying to guess the username and password to get into the WordPress admin dashboard.

To help mitigate such attacks, the senior system administration team at Sun Hosting, a large Canadian hosting provider, has rolled out wide security policies to help contain and limit such attacks. For the time being, the company has removed any public information detailing the new way they're blocking the attacks, as the hackers seem to be actively monitoring for changes, and altering their tactics.

Sun Hosting says: "If your site or blog has been targeted in similar attacks, the security precautions we've implemented may limit the access to your WordPress admin dashboard. We have chosen to proactively protect our customers from such attacks in order to avoid a potentially larger security issue on your account. Your admin password should consist of a minimum of 12 characters, with upper case and lower case letters, numbers as well as punctuation marks."

The primary target appears to be WordPress installations but Joomla users also reportedly took some hammering as well. Early suggestions are that hackers are looking to harvest "low-hanging fruit" as quickly as possible in order to gain access to a bank of compromised sites for follow-up malfeasance, which could be anything from hosting malware to publishing phishing pages or running some sort of denial of service attack.

"It's 'doorknob rattling' but on an industrial and international scale," notes Paul Ducklin, Sophos's head of technology for Asia Pacific.

WordPress founder Matt Mullenweg said that the attack illustrates the need to use a distinct username and a hard-to-guess password, common-sense advice that applies to using web services in general, not just for blog administration.

"If you still use "admin" as a username on your blog, change it, use a strong password, if you're on WP.com turn on two-factor authentication, and of course make sure you're up-to-date on the latest version of WordPress. Do this and you'll be ahead of 95 percent of sites out there and probably never have an issue."

Most other advice isn't great — supposedly this botnet has over 90,000 IP addresses, so an IP limiting or login throttling plugin isn't going to be great. They could try from a different IP a second for 24 hours, as an example.
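An added example (not from the article or from any vendor named in it): a Python sketch of why per-IP throttling misses a botnet that tries from a different IP every second, and how counting failures per targeted account still catches it. The log format, thresholds and sample events are constructed assumptions.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Hypothetical audit-log format: "<iso-time> login_failed|login_ok user=<u> ip=<a>"
LINE_RE = re.compile(r"^(\S+) login_(failed|ok) user=(\S+) ip=(\S+)$")
WINDOW = timedelta(minutes=5)

def build_sample_log():
    """Constructed sample: 'admin' is tried once a second, each time from a new IP."""
    start = datetime(2013, 4, 12, 3, 0, 0)
    base = ipaddress.IPv4Address("198.18.0.0")  # benchmarking range, not real hosts
    lines = []
    for i in range(300):
        ts = (start + timedelta(seconds=i)).isoformat()
        lines.append(f"{ts} login_failed user=admin ip={base + i + 1}")
    for i in range(8):  # one noisy client hammering a single account
        ts = (start + timedelta(seconds=10 * i)).isoformat()
        lines.append(f"{ts} login_failed user=user ip=203.0.113.9")
    # An ordinary user who mistypes twice, then logs in.
    lines.append("2013-04-12T03:01:00 login_failed user=alice ip=192.0.2.44")
    lines.append("2013-04-12T03:01:05 login_failed user=alice ip=192.0.2.44")
    lines.append("2013-04-12T03:01:12 login_ok user=alice ip=192.0.2.44")
    return sorted(lines)  # ISO timestamps sort chronologically

def parse(lines):
    """Return (time, failed, user, ip) tuples; unparseable lines are skipped."""
    events = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            ts, result, user, ip = m.groups()
            events.append((datetime.fromisoformat(ts), result == "failed", user, ip))
    return events

def flag(events, key, window, threshold):
    """Keys ('ip' or 'user') with >= threshold failures inside a sliding window.

    The value is the largest number of distinct source IPs seen in such a window.
    """
    recent = defaultdict(deque)
    flagged = {}
    for ts, failed, user, ip in events:
        if not failed:
            continue
        k = user if key == "user" else ip
        q = recent[k]
        q.append((ts, ip))
        while ts - q[0][0] > window:  # drop failures older than the window
            q.popleft()
        if len(q) >= threshold:
            sources = len({src for _, src in q})
            flagged[k] = max(flagged.get(k, 0), sources)
    return flagged

if __name__ == "__main__":
    events = parse(build_sample_log())
    print("per-IP throttle (5 failures):", flag(events, "ip", WINDOW, 5))
    print("per-account view (20 failures):", flag(events, "user", WINDOW, 20))
```

The per-IP rule flags only the single noisy client, while the per-account rule surfaces the 300-address campaign against "admin".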

Olli Niemi, internet security and vulnerability expert at Stonesoft, outlined the range of possible motives behind the attack. "A concern of this attack is that by compromising WordPress blogs attackers may be able to upload malicious content and embed this into the blog," Niemi said.

"When readers visit the blogs in question they would then be subject to attack, come under compromise and develop into botnets. The attacks against the WordPress blogs seem to be distributed, with automated attacks coming from multiple sources," he added.

Matt Middleton, U.K. and Ireland regional director of corporate security firm Cyber-Ark, said that hacking attempts on corporate blogs might be used as an access point to hack into other much more sensitive enterprise systems. Weak passwords need to be changed ASAP, he argues.

"Common usernames and weak passwords are extremely risky online, however, and the dangers are compounded if users re-use the same login credentials for other sites as well. Once hackers have cracked a username and password, it's extremely common that they'll attempt to use the same combination for additional sites in the attempt to fraudulently use accounts, or access information such as credit card details or corporate data," added Middleton.

Many denial of service (DoS) attacks against large U.S. banks in January were powered from compromised WordPress sites and blogs rather than malware-infected zombie PCs.

The upsurge in attempts to hack into WordPress sites last week could be a prelude to something similar that could happen soon, or a suggestion of things to come.

In other internet security news

Internet security researchers have published a more complete report of a recently patched SQL injection hole discovered on PayPal's popular payment platform.

The Vulnerability Laboratory Research Team received a $3,000 reward after discovering a remote SQL injection vulnerability in the official PayPal GP+ Web Application Service.

The critical security flaw, which could have been easily and remotely exploitable, allowed hackers to inject commands through the vulnerable internet application and into the backend databases, potentially tricking them into coughing up sensitive data in the process, and potentially causing financial losses.

Based in Poland, the security researchers reported the security vulnerability to PayPal in early January. Vulnerability Laboratory produced a full-fledged, proof-of-concept demonstration to illustrate its many concerns when it reported the security flaw to PayPal.

The payment-processing company was successful in patching the flaw in late January, but it wasn't reported in the media until today.

Source: The BBC.
