Sign up for our Technology Newsletter 
Are Cyber Criminals Hard To Catch?
Despite 100,000 cyber crimes being committed every year UK authorities only caught 12 hackers.
In fact on average just one person was convicted of an offence under the Computer Misuse Act every month for the past 23 years.
We assume that it was not the same bloke, because he would be the most luckless criminal ever.
Campaigners from the Digital Trust, which supports victims of online abuse, said police do not know how to cope with the problem.
Need more laws
Criminal justice expert Harry Fletcher, who is a director of the Digital Trust, said: “The police still concentrate their resources on traditional offences offline, but most people are more likely to be mugged online than in the street.
“The law needs to change. It should, for example, be an offence to use any technological device to locate, listen to or watch a person without legitimate purpose.
“In addition, restrictions should be placed on the sale of spyware without lawful reasons. It should also be against the law to install a webcam or any other form or surveillance device without the target’s knowledge.”
Of course just creating new laws is not going to mean that more hackers will be caught, it will just mean that there are more crimes which they could be arrested for.
The conviction rate against hackers are not bad, if the coppers do arrest someone. Between 1990 to 2006 only 183 defendants were proceeded against and 134 found guilty under the Computer Misuse Act.
Unfortunately the Trust did not see, to realize that a lot of the hacks against companies and individuals come from overseas, particularly Russian or China. Changing laws in the UK would not change anything.
Target Settles Security Breach
Target is reportedly close to paying out $10m to settle a class-action case that was filed after it was hacked and stripped of tens of millions of peoples’ details.
Target was smacked by hackers in 2013 in a massive cyber-thwack on its stores and servers that put some 70 million people’s personal information in harm’s way.
The hack has had massive repercussions. People are losing faith in industry and its ability to store their personal data, and the Target incident is a very good example of why people are right to worry.
As well as tarnishing Target’s reputation, the attack also led to a $162m gap in its financial spreadsheets.
The firm apologized to its punters when it revealed the hack, and chairman, CEO and president Gregg Steinhafel said he was sorry that they have had to “endure” such a thing
Now, according to reports, Target is willing to fork out another $10m to put things right, offering the money as a proposed settlement in one of several class-action lawsuits the company is facing. If accepted, the settlement could see affected parties awarded some $10,000 for their troubles.
We have asked Target to either confirm or comment on this, and are waiting for a response. For now we have an official statement at Reuters to turn to. There we see Target spokeswoman Molly Snyder confirming that something is happening but not mentioning the 10 and six zeroes.
“We are pleased to see the process moving forward and look forward to its resolution,” she said.
Not available to comment, not that we asked, will be the firm’s CIO at the time of the hack. Thirty-year Target veteran Beth Jacob left her role in the aftermath of the attack, and a replacement was immediately sought.
“To ensure that Target is well positioned following the data breach we suffered last year, we are undertaking an overhaul of our information security and compliance structure and practices at Target,” said Steinhafel then.
“As a first step in this effort, Target will be conducting an external search for an interim CIO who can help guide Target through this transformation.”
“Transformational change” pro Bob DeRodes took on the role in May last year and immediately began saying the right things.
“I look forward to helping shape information technology and data security at Target in the days and months ahead,” he said.
“It is clear to me that Target is an organization that is committed to doing whatever it takes to do right by their guests.”
We would ask Steinhafel for his verdict on DeRodes so far and the $10m settlement, but would you believe it, he’s not at Target anymore either having left in the summer last year with a reported $61m golden parachute.
Qualcomm Goes Ultrasonic
Qualcomm has unveiled what it claims is the world’s first ‘ultrasonic’ fingerprint scanner, in a bid to improve mobile security and further boost Android’s chances in the enterprise space.
The Qualcomm Snapdragon Sense ID 3D Fingerprint technology debuted during the chipmaker’s Mobile World Congress (MWC) press conference on Monday.
The firm claimed that the new feature will outperform the fingerprint scanners found on smartphones such as the iPhone 6 and Galaxy S6.
Qualcomm also claimed that, as well as “better protecting user data”, the 3D ultrasonic imaging technology is much more accurate than capacitive solutions currently available, and is not hindered by greasy or sweaty fingers.
Sense ID offers a more “innovative and elegant” design for manufacturers, the firm said, owing to its ability to scan fingerprints through any material, be it glass, metal or sapphire.
This means, in theory, that future fingerprint sensors could be included directly into a smartphone’s display.
Derek Aberle, Qualcomm president, said: “This is another industry first for Qualcomm and has the potential to revolutionise mobile security.
“It’s also another step towards the end of the password, and could mean that you’ll never have to type in a password on your smartphone again.”
No specific details or partners have yet been announced, but Qualcomm said that the Sense ID technology will arrive in devices in the second half of 2015, when the firm’s next-generation Snapdragon 820 processor is also tipped to debut.
The firm didn’t reveal many details about this chip, except that it will feature Kryo 64-bit CPU tech and a new machine learning feature dubbed Zeroth.
Qualcomm also revealed more details about LTE-U during Monday’s press conference, confirming plans to extend LTE to unused spectrum using technology integrated in its latest small-cell solutions and RF transceivers for mobile devices.
“We face many challenges as demand for data constantly grows, and we think the best way to fix this is by taking advantage of unused spectrum,” said Aberle.
Finally, the chipmaker released details about a new a partnership with Cyanogen, the open-source outfit responsible for the CyanogenMod operating system.
Qualcomm said that it will provide support for the best features and UI enhancements of CyanogenMod on Snapdragon processors, which will be available for the release of Qualcomm Reference Design in April.
The MWC announcements follow the launch of the ARM Cortex-based Snapdragon 620 and 618 chips last month, which promise to improve connectivity and user experience on high-end smartphones and tablets.
Aberle said that these chips will begin to show up in devices in mid to late 2015.
U.S. And Britain Ramping Up Cyber Defense
Comments Off on U.S. And Britain Ramping Up Cyber Defense
The U.S. and Britain are increasing their collaboration to thwart digital threats. They are planning to launch more attacks against each other to test their defenses and scare away possible enemies.
The U.S. and the U.K. have been working together to prevent cyber attacks for some time, but are going to increase the collaboration. They will combine their expertise to set up “cyber cells” on both sides of the Atlantic to increase sharing information about threats and to work out how to best protect themselves and create a system that lets hostile states and organization know they shouldn’t attack, said U.K. prime minister David Cameron in an interview published by the BBC.
Cyber attacks “are one of the biggest modern threats that we face,” according to Cameron who is visiting Washington for talks with U.S. president Barack Obama. One of the topics high on the agenda is digital security.
The countries will increase the “war games” launched at each other to test defenses. “It is happening already but it needs to be stepped up,” Cameron said, adding that British intelligence service GCHQ and the U.S. equivalent NSA have know-how that should be shared more.
“It is not just about protecting companies, it is also about protecting people’s data, about protecting people’s finances. These attacks can have real consequences to people’s prosperity,” he said.
However, in order to protect companies and citizens better, increased snooping powers to track terrorists on social networks are necessary, said Cameron. He is planning to discuss this issue with Obama and U.S. companies including Google and Facebook.
The increased cooperation between the countries comes in the wake of the Sony hack and the apparent hacking of the U.S. Central Command’s Twitter account by ISIS (Islamic State of Iraq and Syria), which posted tweets threatening families of U.S. soldiers and claiming to have hacked into military PCs.
Zeus Attached To Cancer Email Scam
March 28, 2014 by admin
Filed under Around The Net
Comments Off on Zeus Attached To Cancer Email Scam
Thousands of email users have been hit by a sick cancer email hoax that aims to infect the recipients’ computers with Zeus malware.
The email has already hit thousands of inboxes across the UK, and looks like it was sent by the National Institute for Health and Care Excellence (NICE). It features the subject line “Important blood analysis result”.
However, NICE has warned that it did not send the malicious emails, and is urging users not to open them.
NICE chief executive Sir Andrew Dillon said, “A spam email purporting to come from NICE is being sent to members of the public regarding cancer test results.
“This email is likely to cause distress to recipients since it advises that ‘test results’ indicate they may have cancer. This malicious email is not from NICE and we are currently investigating its origin. We take this matter very seriously and have reported it to the police.”
The hoax message requests that users download an attachment that purportedly contains the results of the faux blood analysis.
Security analysis firm Appriver has since claimed that the scam email is carrying Zeus malware that if installed will attempt to steal users’ credentials and take over their PCs.
Appriver senior security specialist Fred Touchette warned, “If the attachment is unzipped and executed the user may see a quick error window pop up and then disappear on their screen.
“What they won’t see is the downloader then taking control of their PC. It immediately begins checking to see if it is being analysed, by making long sleep calls, and checking to see if it is running virtually or in a debugger.
“Next it begins to steal browser cookies and MS Outlook passwords from the system registry. The malware in turn posts this data to a server at 69.76.179.74 with the command /ppp/ta.php, and punches a hole in the firewall to listen for further commands on UDP ports 7263 and 4400.”
Did Sears Suffer A Data Breach?
Sears Holdings Corp acknowledged it has launched an investigation to determine whether it was the victim of a security breach, following Target Corp’s revelation at the end of last year that it had suffered an unprecedented cyber attack.
“There have been rumors and reports throughout the retail industry of security incidents at various retailers and we are actively reviewing our systems to determine if we have been a victim of a breach,” Sears spokesman Howard Riefs said in a statement on Friday.
“We have found no information based on our review of our systems to date indicating a breach,” he added.
He did not say when the operator of Sears department stores and Kmart discount stores had begun the investigation or provide other information about the probe.
Sears Holdings Corp operates nearly 2,500 retail stores in the United States and Canada.
Bloomberg News reported on Friday that the U.S. Secret Service was investigating a possible secret breach at Sears, citing a person familiar with the investigation. The report did not identify that source by name.
The Bloomberg report said that its source did not disclose details about the scope or timing of the suspected breach.
A spokesman for the U.S. Secret Service declined comment when Reuters asked if the agency was investigating a possible breach at Sears.
The Secret Service is leading the U.S. government’s investigation into last year’s attack on Target, which the company has said led to the theft of some 40 million payment card numbers as well as another 70 million pieces of personal data.
Sony Exits PC Business
Sony will unload its struggling PC business to a Japanese investment firm, the company said Thursday, raising the possibility that the “Vaio” brand could all but disappear from markets outside Japan.
Tokyo-based investment fund Japan Industrial Partners (JIP) will operate the Vaio PC brand under a newly established firm and initially sell PCs in Japan only.
In another reform aimed at bolstering its restructuring efforts, Sony also said it would turn its beleaguered TV business into a subsidiary.
The moves come as Sony said it now expects a net loss of $1.1 billion for the year to the end of March, a reversal of its October profit forecast.
Vaio, which Sony introduced in 1996, looks set to vanish from most markets, at least for short term, as the new company will initially concentrate on selling consumer and corporate PCs in Japan. Whether or not Sony will continue to produce products under the Vaio brand remains to be seen, Sony said.
Although Sony is selling its PC business, it will continue to produce tablet computers, part of its renewed focus on mobile devices including smartphones.
Sony did not put a price on the sale. Sony will take a 5% stake in the new firm, it said.
Sony will stop making and selling PCs after its 2014 Spring lineup launch, but about 250 to 300 Sony staff, including some from a subsidiary that produces TV sets, cameras and computers at factories in Japan, will be hired by the new company, which is to be based at the hub of Sony’s current PC business in Japan’s Nagano Prefecture.
Meanwhile, Sony said it will turn its TV business, which has faced a decade of losses, into a wholly owned subsidiary by July 2014.
Did A Hacker OD?
Top hacker Barnaby Jack died from mixing too many drugs in one session, a coroner’s report shows. Kiwi-born Jack was supposed to give a talk at a security conference when he was found dead in his bed.
Conspiracy nuts raised an eyebrow or two when it was revealed that Jack’s death occurred shortly before he was due to demonstrate how heart implants could be hacked at the Black Hat security conference in Las Vegas. He did not have a mark on him and showed no signs of trauma. However, now a coroner’s report has shown that Jack had a mix of heroin, cocaine and prescription drugs in his system. And he died of “acute mixed drug intoxication.”
Jack rose to fame after a 2010 demonstration, in which he hacked a cash machine, making it give out money. Jack’s girlfriend had found him lying in bed unresponsive, with “multiple bottles of beer and champagne” in the rubbish bin, so it must have been a hell of a night.
King.com Has IPO In The Works
October 8, 2013 by admin
Filed under Around The Net
Comments Off on King.com Has IPO In The Works
King.com Ltd, the British mobile gaming firm best known for its popular puzzle game ‘Candy Crush Saga’, has filed confidentially for an initial public offering (IPO) in the United States, a person familiar with the matter said on Sunday.
Online technology companies are rushing to the stock market on the backs of Twitter Inc’s announcement earlier this month that it plans to go public in the most eagerly anticipated IPO since last year’s flotation ofFacebook Inc.
Emerging growth companies such as King can use a secretive IPO registration process in the U.S. thanks to the Jumpstart Our BusinessStartups (JOBS) Act, which loosened a number of federal securities regulations in hopes of boosting capital raising and thereby increasing job growth.
King has hired Bank of America Merrill Lynch Corp, Credit Suisse Group AG and JPMorgan Chase & Co to lead the offering, said the person, confirming an earlier report by the Daily Telegraph and asking not to be identified because the information is confidential.
Representatives for King and the banks either declined to comment or did not respond to requests for comment.
King offers 150 games in 14 languages through mobile phones, Facebook and its website. It boasts more than 1 billion gameplays per day from its users.
The company’s games appeal to a growing trend for players to play puzzles with their friends in short bursts, especially as games are increasingly played on the move on phones or tablets to kill spare minutes.
Rival Zynga Inc went public two years ago in a high-profile IPO that raised $1 billion. Since then, Zynga has suffered from sagging morale during several quarters of worsening performance and repeated waves of layoffs.
Founded in 2003, King has been profitable since 2005 and has not had a funding round since September of that year, when it raised 34 million euros ($46.04 million) from investment firms Apax Partners and Index Ventures.
Cyber Attacks Increasing In Middle East
Comments Off on Cyber Attacks Increasing In Middle East
Syria’s civil war and political strife in Egypt have given birth to new battlegrounds on the Web and driven a surge in cyber attacks in the Middle East, according to a leading Internet security company.
More than half of incidents in the Gulf this year were so-called “hacktivist” attacks – which account for only a quarter of cybercrime globally – as politically motivated programmers sabotaged opposing groups or institutions, executives from Intel Corp’s software security division McAfee said on Tuesday.
“It’s mostly bringing down websites and defacing them with political messages – there has been a huge increase in cyber attacks in the Middle East,” Christiaan Beek, McAfee director for incident response forensics in Europe, Middle East and Africa (EMEA), told Reuters.
He attributed the attacks to the conflict in Syria, political turmoil in Egypt and the activities of hacking collective Anonymous.
“It’s difficult for people to protest in the street in the Middle East and so defacing websites and denial of service (DOS) attacks are a way to protest instead,” said Beek.
DOS attacks flood an organization’s website causing it to crash, but usually do little lasting damage.
The Syrian Electronic Army (SEA), a hacking group loyal to the government of President Bashar al-Assad, defaced an Internet recruiting site for the U.S. Marine Corps on Monday and recently targeted the New York Times website and Twitter, as well other websites within the Middle East.
Beek described SEA as similar to Anonymous.
“There’s a group leading operations, with a support group of other people that can help,” said Beek.
McAfee opened a centre in Dubai on Monday to deal with the rising threat of Internet sabotage in the region, the most serious of which are attacks to extract proprietary information from companies or governments or those that cause lasting damage to critical infrastructure.
Cyber attacks are mostly focused on Saudi Arabia, the world’s largest oil exporter, Qatar, the top liquefied natural gas supplier, and Dubai, which is the region’s financial, commercial and aviation hub, said Gert-Jan Schenk, McAfee president for EMEA.
“It’s where the wealth and critical infrastructure is concentrated,” he said.
The “Shamoon” virus last year targeted Saudi Aramco, the world’s largest oil company, damaging about 30,000 computers in what may have been the most destructive attack against the private sector.
“Ten years ago, it was all about trying to infect as many people as possible,” added Schenk. “Today we see more and more attacks being focused on very small groups of people. Sometimes malware is developed for a specific department in a specific company.”