Thanks to THiNKTaNK that posted this on one of our BRIDGES
▼Welcome To The Cybercriminal Underground▼
FACTS, RISK, SECURITY & RESEARCH BLOG PORTABLE
○ ○ ○
For banks, their number one is protecting the impression of trust. If they lose that
impression of trust, that bank goes out of business. It's that simple...There's
no device known to mankind that will prevent people from being
idiots...You may not be interested in strategy,
but strategy is interested in you.
IRA WINKLER | MARK RASCH
○ ○ ○
Facts aren't meant to scare. Facts, in the right hands, strengthen the hand, mind and will to more adequately deal with threats at play. That's why I thank my good friends at TrendLabs (TrendMicro) for the above.
Anything 'cyber' involves digital (i.e., online or networked) communications systems. Under the rubric of Cyber Security (“Cybersecurity”), the ones relevant to this blog include: Cybercrime, Cyber Espionage, Cyber Terrorism, Cyber Warfare and Cyber Threats.
Cybercrimes are crimes committed using computers and networks. These include hacking, intellectual property crimes such as downloading or stealing files; credit card and identity or other financial fraud or theft that, as above, may involve stealing millions of dollars from banks.
Economic and Industrial Espionage are defined below. But Cyber Espionage involves the calculated use, for purposes of stealing and gaining competitive or other strategic (economic, national, military, intelligence or political) advantage, of computers and/or digital communications techniques to gain unauthorized access to sensitive or secret information. Such information may also be resold or simply used against an adversary or competitor.
Disruptive or harmful attacks on networks, computer systems, and other communication infrastructure by groups or terrorists, for political and other ideological reasons, are called Cyber Attacks and fall under the rubric of Cyber Terrorism. DDoS (i.e., Distributed Denial of Service) attacks are the most common method used. Think Estonia, 2007.
Speaking of Estonia, Cyber Warfare involves nation states, as with the 2008 Russia-Georgia War (aka the 2008 South Ossetia War). Cyber Warfare comprises targeted, coordinated (i.e., synchronized) and/or full spectrum critical network intrusions aimed at compromising, degrading, interrupting, corrupting, disrupting, debilitating or destroying critical systems and data, communications, business operations, energy, medical, transportation and other infrastructural services. This significantly neutralizes the target nation's Critical Infrastructure, Critical (electronic) Assets and even Command and Control, or leaves them vulnerable and/or defenseless, creating chaos.
That is why we say after Land, Air, Sea and Space, Cyber Space (specifically, Information Warfare) is the 5th domain of current and future warfare. Further, a nation “must learn to negotiate a new geography, where borders are irrelevant and distances meaningless, where an enemy may be able to harm the vital systems we depend on without confronting our military power”.
Hence, Cyber Security involves the protection of information and systems from major Cyber Threats, which may or may not be intentional. These may or may not originate from poorly trained employees, disgruntled employees or contractors, poorly secured/patched computers, vendor systems, cyber criminals (as in video above), virus writers and hackers, hacktivists and anarchists, and foreign governments.
○ ○ ○
Now, whether a Cyber Threat is “directed toward Access to, Exfiltration of, Manipulation of, or Impairment to the Integrity, Confidentiality, Security, or Availability of data, an application, or a federal system, without lawful authority” or not, the adverse domino effect to any nation, organization or individual often revolves around the loss of assets due to a cyber event, loss of reputation/trust, Business Continuity, Information and Operations Assurance. To delve deeper, see Series (6i). But at this point, we'll turn to one of the first critical steps in protecting yourself. And that involves having an excellent vulnerability scanner: criminal hackers' enemy.
Now, because Java exploits (including browser plugins that enable Java applications) claim more than 50% of computer hacks followed by unpatched Windows vulnerabilities, I strongly recommend that you completely uninstall or at least disable Java applications. That is, unless, and until you absolutely need one at any given time. And why? Because those exploits will completely bypass any Internet Security/Firewall & Antivirus solutions you have in place.
You bolster your security posture with a stronger Windows and Mac software and patch vulnerability manager/scanner/updater that goes further than your operating system's updater by monitoring the ever changing (software) security threat landscape.
Also, in case you were wondering: "a vulnerability scanner is a computer program designed to scan for vulnerabilities that are present within your network" or computer. And what's the point of all that? Let's first take a short break, shall we?
○ ○ ○
Simply put, you want to focus on your work, watch that favorite clip or new video, or chat with your friends. However, maintaining a secure computer doesn't end with an Antivirus or Firewall. Computer criminals are all around and they depend on old insecure software on your computer to get in and exploit you. So, what you want to do is safeguard your data and computer easily with something that scans and identifies such old and insecure software needing updates. For Windows users, doesn't Windows Update take care of that? Short answer: Not really.
So let's examine results on one computer I tested. Bear in mind that when we talk about vulnerability, all that is required to successfully mount an attack against your computer is just one program, one security hole. So, no. We're not talking Grade B+ being enough here.
○ ○ ○
End-of-Life is therefore just as bad as "Insecure".
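The idea behind such a scan, as an added sketch that is not Secunia PSI's own code: compare each detected version against a baseline and flag anything that is not fully patched. The product names, versions and baseline are constructed, and the "Patched" and "Unknown" state names are assumptions; "Insecure" and "End-of-Life" are the states named above.

```python
# Added illustration: inventory and baseline values are constructed, not real advisories.
BASELINE = {  # product -> first supported version, first fully patched version
    "ExamplePlayer":   {"eol_below": "10.0", "min_secure": "11.8.800"},
    "ExampleRuntime":  {"eol_below": "7.0",  "min_secure": "7.0.25"},
    "ExampleReader":   {"eol_below": "9.0",  "min_secure": "10.1.7"},
    "ExampleBrowser":  {"eol_below": "20.0", "min_secure": "22.0"},
    "ExampleArchiver": {"eol_below": "4.0",  "min_secure": "4.20"},
}
INVENTORY = {  # product -> detected version on the scanned machine
    "ExamplePlayer": "11.8.800",
    "ExampleRuntime": "6.0.45",   # older than the supported branch
    "ExampleReader": "10.1.7",
    "ExampleBrowser": "22.0.1",
    "ExampleArchiver": "4.20",
}

def parse_version(text, width=4):
    """Turn '11.8.800' into (11, 8, 800, 0) so versions compare numerically."""
    parts = [int(p) if p.isdigit() else 0 for p in text.split(".")]
    return tuple((parts + [0] * width)[:width])

def classify(name, version, baseline=BASELINE):
    """Return the program state for one detected program."""
    rule = baseline.get(name)
    if rule is None:
        return "Unknown"          # no advisory data: cannot be called safe
    detected = parse_version(version)
    if detected < parse_version(rule["eol_below"]):
        return "End-of-Life"      # vendor ships no more fixes for this branch
    if detected < parse_version(rule["min_secure"]):
        return "Insecure"         # supported branch, but fixes are missing
    return "Patched"

def scan(inventory, baseline=BASELINE):
    """Classify every program; report the score and what still needs action."""
    states = {n: classify(n, v, baseline) for n, v in inventory.items()}
    patched = sum(state == "Patched" for state in states.values())
    score = round(100 * patched / len(states)) if states else 100
    needs_action = sorted(n for n, s in states.items() if s != "Patched")
    return states, score, needs_action

if __name__ == "__main__":
    states, score, needs_action = scan(INVENTORY)
    print(f"score {score}%; still exposed through: {needs_action}")
```

A machine scoring 80% here still has one program an attacker can use, which is why the list of programs needing action matters more than the score.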
○ ○ ○
We'll check on that computer's score later. But for now, we know Secunia PSI (Personal Software Inspector) is what we want. But remember, as in the previous blog: You need Administrator privileges to successfully proceed with the install. And although most tech savvy users usually wouldn't require help at this stage (i.e., after clicking the "Come and get it" below), I'll provide some illustration so you have an idea of what to expect. So, how to get the latest version?
○ ○ ○
Yes. Click it. And now with Admin privileges, you're ready to install.
○ ○ ○ Click Next
○ ○ ○ Accept the Terms
○ ○ ○ Click Next
○ ○ ○ Next
○ ○ ○ Click Install (or change the location if you want)
○ ○ ○
When it's done, you'll see a tray icon and, as it quietly scans, you'll occasionally see status updates telling you a "new program" has been "removed", etc. You can always click on that to get more information. What you really want is the Scan Results, which you can get to from the Dashboard.
○ ○ ○
Notice the Scan Results option (on the top left)
○ ○ ○
Now, scroll back up to the top. The results you see directly below are from the same computer (after it'd been cleaned up).
○ ○ ○
○ ○ ○
So, how did we get here? Notice (directly above) where it says Install Solution? And, from the left, Detected Version, Threat Rating, Program State? You can either follow the Install Solution option or click the "plus" icon next to the program of your choice (for example Adobe Flash Player 11) for more information on what to do. See the Java update.
○ ○ ○
I hope that helps
○ ○ ○
There's always a better and stronger alternative around the corner or out there and you can expect more from me. But if you want to try a basic scan with language options, you can try the free Java-based OSI (Online Security Inspector) option from the same reputable company.
○ ○ ○
Stay vigilant & smart. There's better security through paranoia!
High Impact Strategic Business Sense Series 6e (Highly Recommended) (Follow the Dove)
The Brussels Proclamation of August 4, 2013 declares the Roman Catholic Church to be a Transnational Criminal Organization under international law, and issues an arrest order against Pope Francis 1, Jorge Bergoglio, for inciting criminality and assaulting the Law of Nations. Citizens are authorized to help disestablish this criminal organization and bring Bergoglio to justice.
Some of the world’s leading telecoms firms, including BT and Vodafone, are secretly collaborating with Britain’s spy agency GCHQ, and are passing on details of their customers’ phone calls, email messages and Facebook entries, documents leaked by the whistleblower Edward Snowden show.
BT, Vodafone Cable, and the American firm Verizon Business – together with four other smaller providers – have given GCHQ secret unlimited access to their network of undersea cables. The cables carry much of the world’s phone calls and internet traffic.
In June the Guardian revealed details of GCHQ’s ambitious data-hoovering programmes, Mastering the Internet and Global Telecoms Exploitation, aimed at scooping up as much online and telephone traffic as possible.
It emerged GCHQ was able to tap into fibre-optic cables and store huge volumes of data for up to 30 days. That operation, codenamed Tempora, has been running for 20 months.
On Friday Germany’s Süddeutsche newspaper published the most highly sensitive aspect of this operation – the names of the commercial companies working secretly with GCHQ, and giving the agency access to their customers’ private communications. The paper said it had seen a copy of an internal GCHQ powerpoint presentation from 2009 discussing Tempora.
The document identified for the first time which telecoms companies are working with GCHQ’s “special source” team. It gives top secret codenames for each firm, with BT (“Remedy”), Verizon Business (“Dacron”), and Vodafone Cable (“Gerontic”).
The other firms include Global Crossing (“Pinnage”), Level 3 (“Little”), Viatel (“Vitreous”) and Interoute (“Streetcar”). The companies refused to comment on any specifics relating to Tempora, but several noted they were obliged to comply with UK and EU law.
The revelations are likely to dismay GCHQ and Downing Street, who are fearful that BT and the other firms will suffer a backlash from customers furious that their private data and intimate emails have been secretly passed to a government spy agency.
In June a source with knowledge of intelligence said the companies had no choice but to co-operate in this operation. They are forbidden from revealing the existence of warrants compelling them to allow GCHQ access to the cables.
Together, these seven companies operate a huge share of the high-capacity undersea fibre-optic cables that make up the backbone of the internet’s architecture. GCHQ’s mass tapping operation has been built up over the past five years by attaching intercept probes to the transatlantic cables where they land on British shores.
GCHQ’s station in Bude, north Cornwall, plays a role. The cables carry data to western Europe from telephone exchanges and internet servers in north America.
This allows GCHQ and NSA analysts to search vast amounts of data on the activity of millions of internet users. Metadata – the sites users visit, whom they email, and similar information – is stored for up to 30 days, while the content of communications is typically stored for three days.
GCHQ has the ability to tap cables carrying both internet data and phone calls. By last year GCHQ was handling 600m “telephone events” each day, had tapped more than 200 fibre-optic cables and was able to process data from at least 46 of them at a time.
Each of the cables carries data at a rate of 10 gigabits per second, so the tapped cables had the capacity, in theory, to deliver more than 21 petabytes a day – equivalent to sending all the information in all the books in the British Library 192 times every 24 hours.
This operation is carried out under clandestine agreements with the seven companies, described in one document as “intercept partners”. The companies are paid for logistical and technical assistance.
The identity of the companies allowing GCHQ to tap their cables was regarded as extremely sensitive within the agency. Though the Tempora programme itself was classified as top secret, the identities of the cable companies were even more secret, referred to as “exceptionally controlled information”, with the company names replaced with the codewords, such as “GERONTIC”, “REMEDY” and “PINNAGE”.
However, some documents made it clear which codenames referred to which companies. GCHQ also assigned the firms “sensitive relationship teams”. One document warns that if the names emerged it could cause “high-level political fallout”.
Germans have been enraged by the revelations of spying by the National Security Agency and GCHQ after it emerged that both agencies were hoovering up German data as well. On Friday the Süddeutsche said it was now clear that private telecoms firms were far more deeply complicit in US-UK spying activities than had been previously thought.
The source familiar with intelligence maintained in June that GCHQ was “not looking at every piece of straw” but was sifting a “vast haystack of data” for what he called “needles”.
He added: “If you had the impression we are reading millions of emails, we are not. There is no intention in this whole programme to use it for looking at UK domestic traffic – British people talking to each other.”
The source said analysts used four criteria for determining what was examined: security, terror, organised crime and Britain’s economic wellbeing. “The vast majority of the data is discarded without being looked at … we simply don’t have the resources.”
Nonetheless, the agency repeatedly referred to plans to expand this collection ability still further in the future.
Once it is collected, analysts are able to search the information for emails, online chats and browsing histories using an interface called XKeyscore, uncovered in the Guardian on Wednesday. By May 2012, 300 analysts from GCHQ and 250 NSA analysts had direct access to search and sift through the data collected under the Tempora program.
Documents seen by the Guardian suggest some telecoms companies allowed GCHQ to access cables which they did not themselves own or operate, but only operated a landing station for. Such practices could raise alarm among other cable providers who do not co-operate with GCHQ programmes that their facilities are being used by the intelligence agency.
Telecoms providers can be compelled to co-operate with requests from the government, relayed through ministers, under the 1984 Telecommunications Act, but privacy advocates have raised concerns that the firms are not doing enough to challenge orders enabling large-scale surveillance, or are co-operating to a degree beyond that required by law.
“We urgently need clarity on how close the relationship is between companies assisting with intelligence gathering and government,” said Eric King, head of research for Privacy International. “Were the companies strong-armed, or are they voluntary intercept partners?”
Vodafone said it complied with the laws of all the countries in which its cables operate. “Media reports on these matters have demonstrated a misunderstanding of the basic facts of European, German and UK legislation and of the legal obligations set out within every telecommunications operator’s licence … Vodafone complies with the law in all of our countries of operation,” said a spokesman.
“Vodafone does not disclose any customer data in any jurisdiction unless legally required to do so. Questions related to national security are a matter for governments not telecommunications operators.”
A spokeswoman for Interoute said: “As with all communication providers in Europe we are required to comply with European and local laws including those on data protection and retention. From time to time we are presented with requests from authorities. When we receive such requests, they are processed by our legal and security teams and if valid, acted upon.”
A spokeswoman for Verizon said: “Verizon continually takes steps to safeguard our customers’ privacy. Verizon also complies with the law in every country in which we operate.”