Sign up for our Technology Newsletter 
Can Governments Do More?
The UK Government isn’t doing enough to warn about the risks of cybercrime on a mass level, security firm Kaspersky has claimed.
Speaking at a company roundtable event at the firm’s European hub in London on Thursday, Kaspersky security researcher David Emm said isn’t doing as much as it could be to educate people about cyber security.
“I’d like to see the government doing more to get the message out to mainstream citizens and individuals because that’s the bone in which the industry is growing; the individuals with ideas,” Emm said
“If you look at it, the recent Cyber Street Wise campaign aside, I don’t think the government is doing very much in terms of mainstream messaging and I would certainly like to see it do more.”
Emm used the example of major UK marketing campaigns promoting the dangers of drink driving as an ideal model because they have been drilled into us over the years.
“As parents, we’ve this body of common sense, such as drinks driving, and it’s drip, drip, drip, over the years that has achieved that and I think we need to get to a point where we have some body of online common sense in which business people can draw upon; there’s definitely a role for education.”
Barclay’s bank, which was also present at the roundtable, agreed with Emm.
“The government really needs to recognise this is a serious issue – if you’re bright enough to set up your own business, you’re bright enough to protect yourself,” added the firm’s MD of fraud prevention Alex Grant.
Emm concluded by saying that the government’s Cyber Street Wise campaign that was launched in January was good enough to make people aware of the risks of cybercrime in the metropolitan areas. However, he said he’d like to see the government focus more on regional areas as people in sparsely populated areas weren’t as aware of it.
Kaspersky’s roundtable took place as part of the firm’s launch of a report that found small businesses in the UK are “woefully unprepared” for an IT security breach, despite relying increasingly on mobile devices and storing critical information on computers.
The study found that nearly a third, or 31 percent, of small businesses would not know what to do if they had an IT security breach tomorrow, with four in ten saying that they would struggle to recover all data lost and a quarter admitting they would be unable to recover any.
More Ransomware Plaguing Android
Android users have been warned again that they too can become victims of ransomware.
A Cryptolocker-style Android virus dubbed Simplocker has been detected by security firm Eset, which confirmed that it scrambles files on the SD cards of infected devices before issuing a demand for payment.
The message is in Russian and the demand for payment is in Ukrainian hryvnias, equating to somewhere between £15 and £20.
Naturally, the warning also accuses the victim of looking at rather unsavoury images on their phone. However, while the source of the malware is said to be an app called “Sex xionix”, it isn’t available at the Google Play Store, which generally means that anyone who sideloads it is asking for trouble.
Eset believes that this is actually more of a “proof of concept” than an all-out attack, and far less dangerous than Cryptolocker, but fully functional.
Robert Lipovsky of Eset said, “The malware is fully capable of encrypting the user’s files, which may be lost if the encryption key is not retrieved. While the malware does contain functionality to decrypt the files, we strongly recommend against paying up – not only because that will only motivate other malware authors to continue these kinds of filthy operations, but also because there is no guarantee that the crook will keep their part of the deal and actually decrypt them.”
Eset recommends the usual – use a malware app. It recommends its own, obviously, and advises punters to keep files backed up. Following such advice, said Lipovsky, ensures that ransomware is “nothing more than a nuisance”.
This is not the first Android cryptolocker style virus. Last month a similar virus was found, which Kaspersky said was “unsurprising, considering Android’s market share”.
Will Google’s Project Shield Work?
Google has opened Project Shield, its service for small websites that don’t have the forces to repel denial of service attacks that might come their way.
Google introduced the service on Google+, saying that it is aimed at websites that might otherwise be at risk of online disruption.
“Project Shield, [is] an initiative that enables people to use Google’s technology to better protect websites that might otherwise have been taken offline by “distributed denial of service” (DDoS) attacks. We’re currently inviting webmasters serving independent news, human rights, and elections-related content to apply to join our next round of trusted testers,” it said.
“Over the last year, Project Shield has been successfully used by a number of trusted testers, including Balatarin, a Persian-language social and political blog, and Aymta , a website providing early-warning of scud missiles to people in Syria. Project Shield was also used to protect the election monitoring service in Kenya, which was the first time their site stayed up throughout an election cycle.”
Interested websites should visit the Google Project Shield page and request an invitation to the experience. They should not try to do the same at Nvidia’s website, as they will probably just come away with a handheld games console. This will not offer much assistance against DDoS attacks.
According to a video shared by Google last night, Project Shield works by combining the firm’s DDoS mitigation technologies and Page Speed Service (PSS).
Are Russian Hackers Exploiting Android?
Comments Off on Are Russian Hackers Exploiting Android?
Russian mobile malware factories are working with thousands of affiliates to exploit Android users, a security company has claimed.
According to Lookout Mobile Security the system is so efficient that almost a third of all mobile malware is made by just 10 organisations operating out of Russia. These “malware HQs” are pumping out nasty toll fraud apps, largely aimed at Android users, which force the user to call premium rate numbers the report said.
Thousands of affiliate marketers are also profiting from the scheme and helping spread the malware by setting up websites designed to trick users into downloading seemingly legitimate apps. Affiliates can make up to $12,000 a month and are heavy users of Twitter.
The report’s release at the DEF CON 21 conference in Las Vegas indicated that Lookout Mobile Security are working with the spooks to bring the crooks down. The malware HQs had gone to great lengths to obfuscate and encrypt their code to make detection tricky, but their advertising was pretty brazen.
Kaspersky Finds New Malware
Kaspersky Lab has discovered three Flame spyware related malware threats that it said use “sophisticated encryption methods”.
Kaspersky claims that it uncovered the three new hostile programs while analysing a number of Command and Control (C&C) servers used by Flame’s creators.
“Sophisticated encryption methods were utilised so that no one, but the attackers, could obtain the data uploaded from infected machines,” the firm’s statement read.
“The analysis of the scripts used to handle data transmissions to the victims revealed four communication protocols, and only one of them was compatible with Flame.
“It means that at least three other types of malware used these Command and Control servers. There is enough evidence to prove that at least one Flame-related malware is operating in the wild.”
The discovery of the three programs indicates that Flame’s Command and Control platform was being developed in 2006, four years earlier than first thought.
Flame was originally uncovered in May targeting Iranian computer systems. The malware drew widespread concerns within the security industry regarding its advanced espionage capabilities.
The full scale of Flame and its overarching implications remain unknown, despite the ongoing joint research campaign being mounted by Kaspersky, IMPACT, CERT-Bund/BSI and Symantec.
“It was problematic for us to estimate the amount of data stolen by Flame, even after the analysis of its Command and Control servers,” said Kaspersky’s chief security expert, Alexander Gostev.
Following the discovery of the three new related programs, Kaspersky’s chief malware expert Vitaly Kamluk told The INQUIRER that Flame is not the only one in this big family.
“There are others and they aren’t just other known malwares such as Stuxnet, Gauss or Duqu,” he said. “They stay in the shadows and no one has published anything about them yet. Others were probably used for different campaigns.”
Kamluk added that it is “very possible” there are more than the three listed in Kaspersky’s report.
“They started building RedProtocol, yet another ‘language’ for unknown malware. No known client types are using that one, which means that there is even more malware out there,” he added.
Google Buys Clever Sense
December 21, 2011 by admin
Filed under Consumer Electronics
Comments Off on Google Buys Clever Sense
Google has purchased Clever Sense, the developer of Alfred, a personalized restaurant and bars recommendations app, for an undisclosed amount, both companies stated.
The Internet giant has been strengthening its local offerings. It acquired in September for example a restaurant ratings publisher Zagat to boost its online maps and local business listings with trustworthy reviews and recommendations.
Alfred, which currently provides recommendations on restaurants, bars, and night life in the locality where the person is, could however down the line broaden its scope, potentially making it the Android alternative to the Siri personal assistant on Apple’s iPhone 4S.
Clever Sense’s co-founder and CEO Babak Pahlavan suggested in a notice on the company’s website that Alfred may include other information sources and services.
Discovering local information is extremely important to both users and businesses, and the acquisition of Clever Sense will benefit both, Pahlavan said. “With Google and Clever Sense working together, our entire team looks forward to building more intelligent, serendipitous and magical services!”, he added.
Google Acquires Zagat
Google has purchased the prestigious restaurant ratings publisher, Zagat to boost its online maps and local business listings with trustworthy reviews and recommendations, which Web surfers increasingly seek and value.
“Zagat will be a cornerstone of our local offering — delighting people with their impressive array of reviews, ratings and insights, while enabling people everywhere to find extraordinary (and ordinary) experiences around the corner and around the world,” wrote Marissa Mayer, Google’s vice president of local, maps and location services, in a blog post.
Google acquired Zagat, which was founded in 1979, because of its brand, reputation and quality of its surveys and reviews, which it publishes in print guides and online. Terms of the deal were not disclosed.
Best known for its restaurant ratings, Zagat also surveys consumers about the quality of hotels, nightclubs and other leisure-themed businesses.
Facebook Is Display Advertising King
Facebook’s U.S. advertising revenue will reach roughly $2.2 billion in 2011, toppling Yahoo Inc to collect the biggest portion of online display advertising dollars, according to a new study.
Facebook’s U.S. advertising revenue will give it a 17.7 percent share of the market for graphical display ads that appear on websites, according to a report released on Monday by research firm eMarketer.
Last year Facebook garnered 12.2 percent share of the U.S. market.
The figures highlights the growing clout of Facebook, the world’s No.1 Internet social network. It has seen its valuation soar to roughly $80 billion in recent transactions for its shares on the private markets as some investors anticipate it could have an initial public offering next year.
While Facebook has grabbed the top ranking, eMarketer analyst David Hallerman said the overall market for display ads, which include banner ads, video ads and Web page sponsorships, is growing robustly enough that it is benefiting numerous companies.