Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Technology firms reveal some details of government data requests

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

February 4, 2014

Click here to order the best dedicated server and at a great price.

Large U.S. technology companies are sharing some details on the numerous and secret data requests they regularly get from the U.S. government on so-called national security concerns.

Google, Facebook, Microsoft, LinkedIn and Yahoo all posted data for the first time yesterday on the huge volume of specific data requests made under the Foreign Intelligence Surveillance Act, or FISA, which allows the U.S. government to secretly obtain data on user accounts and various communications in cases related to national security.

The releases come after the tech firms filed lawsuits seeking the right to disclose more information about requests for user data.

In response, the Department of Justice issued new disclosure guidelines last week allowing the publication of basic information about FISA requests.

President Obama ordered the change in January as part of his speech on intelligence reform. "Today, for the first time, our report on government requests for user information encompasses all of the requests we receive," said Google lawyer Richard Salgado.

In a joint statement last week, Attorney General Eric Holder and Director of National Intelligence James Clapper said they had concluded "that the public interest in disclosing this information now greatly outweighs the national security concerns that required its classification."

National security officials make FISA requests in a secret court room that has authorized nearly every request it's received so far.

The process came under scrutiny in 2013 following the revelation via NSA leaker Edward Snowden of a secret surveillance court order approving the collection of mass amounts of user metadata from telecom giant Verizon Wireless and leading Internet companies.

The technology companies in question are permitted only to release ranges, rather than precise numbers, for the amount of FISA requests they receive from the government and the number of accounts affected.

However, it's important to note that they can't discuss any details of the requests or the specific identities of the users involved.

"We still believe that more transparency is greatly needed so that everyone can better understand how surveillance laws work and decide whether or not they serve the public interest," said Google's Salgado.

He called for Congress to pass legislation allowing technology companies to reveal "the precise numbers and types of requests we receive, as well as the number of users they affect in a timely manner."

Google's numbers revealed that it received fewer than 1,000 FISA requests between July and December of 2012 covering between 12,000 and 12,999 accounts.

In its most recent reporting period, January to June 2013, Google received under 1,000 FISA requests affecting between 9,000 and 9,999 accounts.

For its part, Yahoo received RFIs (requests for information) for between 30,000 to 30,999 accounts during the same period last year, while Facebook got requests covering between 5,000 and 5,999 accounts.

"We will continue to advocate for reform of government surveillance practices around the world, and for greater transparency about the degree to which those governments can seek access to data in connection with their efforts to keep the population safe," said Facebook general counsel Colin Stretch.

FISA requests targeting LinkedIn between January and June of 2013 covered just under 250 accounts, while Microsoft's encompassed between 15,000 and 15,999 accounts.

The five technology companies in question were among a group that last year called for reform of government surveillance programs to increase transparency and impose limitations on what information can be collected.

In other internet security news

Hackers have put together a corrupted version of the popular FTP program Filezilla, which works just like the real program but surreptitiously passes FTP account login credentials to a hacker-controlled server.

The evil version has the same look and feel as the genuine program and is clearly designed to mask its suspicious activities, such as dialing back home with compromised, corrupted data and changes in the system files.

The trojanized version of Filezilla is actually 6.8 MB smaller than the genuine product even though it comes packed with two extra malicious DLL libraries that don't feature in the genuine code.

The fake version is designed not to install updates, a tactic that along with its stealth features adds up to a threat designed to avoid removal or detection on compromised systems for the maximum time possible.

A write up of the threat, complete with screenshots and code analysis, can be found in a blog post by anti-virus software firm Avast.

"Beware of malformed Filezilla FTP client versions 3.7.3 and 3.5.3," Avast warns. "We have noticed an increased presence of these malware versions of famous open source FTP clients."

"The bogus installer is mostly hosted on hacked websites with fake content," it adds.

Compromised FTP logins can be used to plant malware on associated sites or steal data, among others things. The hackers behind the FileZilla attack and their ultimate purpose remains unclear at present.

In other internet security news

After Target recently reported that over 110 million of its customers' credit cards in the United States have been compromised, now it's U.S. luxury retailer Neiman Marcus that is confirming that details from over 1.1 million of its customers' cards were stolen in a recently detected high-profile security breach.

Credit card details were lifted after hackers successfully planted malware on payment systems over a period that ran between July 18 and October 30, 2013, far earlier than previously suspected.

About 2,400 of the said compromised credit card details have subsequently been abused to make several fraudulent purchases, according to an update by Neiman Marcus on the security breach.

But while the forensic and criminal investigations are ongoing, we do know that malicious software was clandestinely installed on the system. It appears that the malware actively collected or scraped credit card data from July 16, 2013 to October 30, 2013.

During that period, approximately 1,100,000 customer payment cards could have potentially been visible to the malware. To date, Visa, MasterCard and Discover have been notified that approximately 2,400 unique customer payment cards used at Neiman Marcus and Last Call stores were subsequently used fraudulently.

The retailer said that it has already taken extensive security precautions to prevent a repetition of the breach, which has become the subject of ongoing forensic investigation and law enforcement interest.

Neiman Marcus said that it isn't aware of any connection between its breach to the spill of 40 million credit card details by fellow retailer Target.

In an associated statement, Karen Katz, president and CEO at Neiman Marcus Group said that "he was very sorry that some of our customers' payment cards were used fraudulently after making purchases at our stores".

Neiman Marcus said that it is offering the affected customers free credit card monitoring services. "The timeline of the Neiman Marcus compromise demonstrates the strong need for organizations to store long term forensic audit trails in order to investigate security breaches," said Tim Keanini, CTO at security tools firm Lancope.

"According to Neiman Marcus, the attack activity took place between July 16th and October 30th, 2013. However, the compromise was not discovered until January of 2014."

The Target security breach at least has been narrowed down to a specific malware tool (a modified version of Black POS) that affected its POS (point-of-sale) systems and enterprise payment processing servers.

Reuters previously reported that at least three other unnamed retailers may have also been hit by attacks using similar techniques and tools.

On Thursday, Reuters reported that the Feds have since expanded their victim list to include no less than twenty identified victims of hacking over the last year.

The FBI has also put out a warning to retailers urging them to review their security arrangements and to prepare for future possible attacks of the same nature.

Apparently geographically confined to North America, the spate of retailer credit card breaches has led some internet security observers to suggest that the introduction of Chip and PIN would be enough to frustrate future frauds along the same lines.

Anti-fraud firm Easy Solutions argues that upgrading to Chip and PIN alone won't be enough. Other experts suggest that vulnerable Point of Sale systems are the main villains in the Target and Neiman Marcus breaches.

Overall, internet security researchers at Cisco have published a blog on detecting future payment card compromises and shortening the remediation window for such attacks.

The payment card data attacks on Target and other retailers were possible because the POS payment technology includes third party software installed on a computer terminal. The problem is that the payment card data is susceptible to interception in memory before the encryption process and transmission across the network.

Hardware encryption devices at the point of sale can be used to thwart this particular line of attack, says Levi Gundert, technical lead at the Cisco Threat Research department.

In other internet security news

Internet security officials in Germany are warning web users that large networks of hijacked, hacker-controlled PCs (ie- botnets) have harvested no less than 16 million email addresses and password combinations for websites and critical online services.

The German Office of Information Security (called the BSI) says police and security researchers have been closely following thousands of computers that have been infected by malware to spy on users and then send large quantities of spam.

The investigators in Germany found that the computers had gathered a vast collection of email addresses and passwords for mail accounts, social networking websites such as Facebook and Twitter, and all sorts of other services.

The sensitive credentials were lifted in bulk from infected systems and phishing emails were then sent from the botnets' drones.

The BSI and Deutsche Telekom have this week set up a German-language website where users can check their email addresses against the miscreants' database.

Should a user's address be found in the collection, they'll be told to scan their systems for malware, install anti-malware tools, and then change their passwords, particularly where a single password was shared for multiple accounts.

Frustratingly, the BSI didn't reveal the malware powering the botnets, but it did publish an otherwise extensive FAQ in the German language.

Even without the aid of malware and botnet heists, many users are leaving themselves dangerously vulnerable to account theft from the use of poor password choices.

Easily-guessed passwords were found to still be the most popular choices for log-in credentials. We'll keep you updated.

In other internet security news

In a closely scrutinized public speech on national television about the NSA and its covert spy programs, President Obama said this week that the work has already begun on hammering out some detailed reforms.

The President also announced some initial measures, including several steps to prevent the outright abuse of the widely criticized bulk phone-records program and to initiate greater privacy protections for citizens of other nations.

But critics were mostly highly skeptical and unimpressed of the President's speech, some saying it's 'too little, too late'. The speech was a direct response to comments and recommendations made by the president's handpicked NSA Review Group in a report released in late December.

In a larger sense, it was a reaction to the global debate over civil liberties and national security brought on by the leaking of top-secret NSA documents by former agency contractor Edward Snowden-- a debate that's revealed the alarming surveillance capabilities made possible by the digital age.

Echoing remarks in the Review Group's report, the President addressed the need for laws and values to keep pace with technology. "What's at stake in this debate goes far beyond a few months of headlines, or passing tensions in our foreign policy. When you cut through the noise, what's really at stake here is how we remain true to who we are in a world that is remaking itself at dizzying a speed," Obama said.

And the president signaled that he's aware of the concern raised by surveillance critics such as Snowden, Web co-inventor Tim Berners-Lee, journalist and Snowden confidant Glenn Greenwald, and others that say the Internet is at risk of being warped from a free and open, creative space into a Big Brother spy tool that would eliminate privacy once and for all.

"As the nation that developed the Internet in the first place, the world expects us to ensure that the digital revolution works as a tool for individual empowerment rather than government control," Obama said.

As for the practical realities behind such a guarantee, the president specifically tackled some of the Review Group's proposals and said that other proposals would be explored further before any decisions were made. Greenwald expressed skepticism about the real reforms behind Obama's "pretty words."

One of the most talked about items on the agenda was the program whereby the NSA vacuums up, without a warrant, the metadata -- information on calls placed and received -- that's associated with every telephone call made within, to, and from the U.S. every day.

In its report, the Review Group said, as have many people concerned about such surveillance, that metadata "can reveal an enormous amount about that individual's private life." It also said its review suggested that "the information contributed to terrorist investigations" by the NSA's bulk collection of telephony metadata "was not essential to preventing attacks and could readily have been obtained in a timely manner" using conventional legal means.

But one of the group's members -- former CIA Deputy Director Michael Morrell -- said in a later editorial that the program "would likely have prevented 9/11" had it been in place prior to the 2001 terror attacks though the Review Group report also noted, as others have, that the intelligence community had info that could have helped stop the plot but failed to share it among the appropriate agencies, namely the CIA and the FBI.

And Obama cited 9/11 when discussing the program in his speech and said the metadata effort was an important counterterrorism tool. "The telephone metadata program was designed to map the communications of terrorists, so we can see who they may be in contact with as quickly as possible," he said, adding later that "the Review Group turned up no indication that this database has been intentionally abused. And I believe it is important that the capability that this program is designed to meet is preserved."

But the President added that he recognized the danger of abuse of such a program-- ''I believe critics are right to point out that without proper safeguards, this type of program could be used to yield more information about our private lives, and open the door to more intrusive, bulk collection programs. They also rightly point out that although the telephone bulk collection program was subject to oversight by the Foreign Intelligence Surveillance Court and has been reauthorized repeatedly by Congress, it has never been subject to vigorous public debate.''

The President moved toward adopting the Review Group's recommendations on the metadata program. The group said the government should no longer collect and store phone-call metadat. Instead the information should be held by the phone companies (as it is already, as business records) or by some other third party, and that the NSA should need a court order, on a case-by-case basis, to access it.

The president said a transition would take place and that details would need to be worked out because of potential difficulties. "Relying solely on the records of multiple phone-service providers could require companies to alter their procedures in ways that raise new privacy concerns," the President said.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

Source: Avast.

Click here to order the best dedicated server and at a great price.

Save Internet's URL to the list of your favorite web sites in your Web browser by clicking here.

You can link to the Internet Security web site as much as you like.

Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet    Terms of use    Privacy agreement    Legal disclaimer

Click here to order our special clearance dedicated servers.

Get your Linux or Windows dedicated server today.

Click here to order our special clearance dedicated servers.