Proof That Employees Don't Care About Security

Does anyone think that this experiment would turn out any differently?

An experiment carried out within London's square mile has revealed that employees in some of the City's best known financial services companies don't care about basic security policy. CDs were handed out to commuters as they entered the City by employees of IT skills specialist The Training Camp and recipients were told the disks contained a special Valentine's Day promotion.

However, the CDs contained nothing more than code which informed The Training Camp how many of the recipients had tried to open the CD. Among those who were duped were employees of a major retail bank and two global insurers. The CD packaging even contained a clear warning about installing third-party software and acting in breach of company acceptable-use policies -- but that didn't deter many individuals who showed little regard for the security of their PC and their company.

This was a benign stunt, but it could have been much more serious. A CD-ROM carried into the office and run on a computer bypasses the company's network security systems. You could easily imagine a criminal ring using this technique to deliver a malicious program into a corporate network -- and it would work.

Source - Schneier on Security

Microsoft Confirms USB Bug That Drains Batteries

An unfixed bug in the USB (Universal Serial Bus) driver of Windows XP Service Pack 2 OS causes a notebook's battery to drain faster than usual when there is a device connected to its USB port, Microsoft confirmed Friday. In a statement through its public relations firm Waggener Edstrom Inc., Microsoft also admitted that the flaw, which lies in the ACPI (Advanced Configuration and Power Interface) driver of Windows XP SP 2, will remain without an easy-to-apply fix indefinitely. The ACPI is part of the OS's power management scheme for USB 2.0, the latest standard for USB peripheral ports on notebook computers. The flaw affects some Intel-based laptop computers, according to Microsoft. The company informed its support and OEM (original equipment manufacturer) hardware partners of its existence in July 2005 through an article in its knowledge base, a searchable database where support partners can find information about Microsoft technology. In that article, the company outlined a registry key fix for the bug, but this fix requires a "deep understanding" of the OS and there are risks involved with implementing it so it is not meant for general customer user, Microsoft said.

Source - ARNnet

Chinese Hackers Accused Of Mass Theft Relating To Online Game Lineage in South Korea

Chinese hackers were accused of being involve in the recent mass theft of private information from tens of thousands of people linked to the popular online game "Lineage" in South Korea. The game is operated by NCSoft. The accusation is from GEOT, a network security company in South Korea. During the period from May 2005 to February 2006, South Korea reported about 4,000 online game theft cases, in which South Korean online gamers were hacked via hacking programs known as malware and lost their online game accounts, passwords, as well as virtual items, according to GEOT. The hacking programs are capable of stealing personal information, and was found to be embedded into certain websites, and would secretly infect the computers of internet users when they visited these websites. The malware allows hackers to find the login name and password of online games and sends them back automatically via email to Chinese websites. GEOT said that most of these programs were developed by Chinese hackers with the aim of stealing virtual items used in online games from South Korean players.

Source - InterFax

BP Declares War On The Lan

Energy group BP has shifted thousands of its employees off its LAN in an attempt to repel organised cybercriminals. Rather than rely on a strong network perimeter to secure its systems, BP has decided that these laptops have to be capable of coping with the worst that malicious hackers can throw at it, without relying on a network firewall. Ken Douglas, technology director of BP, told the UK Technology Innovation & Growth Forum in London on Monday that 18,000 of BP's 85,000 laptops now connect straight to the Internet even when they're in the office. "Hackers and virus writers have been a problem for years. But today there are very well-organised gangs in Russia, China and Brazil, with large teams and large server farms, that are determined to get their hands on our internal data and our users' identities," said Douglas.

Source - ZDNet UK

Security Groups Discover Second Mac OS X Worm - OSX/Inqtana-A

A second worm attacking the Mac OS X has been discovered over the weekend. The OSX/Inqtana-A worm spreads between Apple Macintosh computers via a Bluetooth vulnerability. The new worm has appeared within days of the discovery of OSX/Leap-A, the first virus for Mac OS X. The Inqtana worm, which may start at boot up, attempts to discover Bluetooth devices that will accept a file via the OBEX Push service (typically requiring user intervention). It exploits a vulnerability known as CAN-2005-1333 to spread itself to other vulnerable Mac OS X computers. Apple, however, had released a patch against this vulnerability in mid 2005, meaning the worm is highly unlikely to spread successfully. Users of Mac OS X, however, have been advised to keep their software updated against the latest security vulnerabilities in Apple's code. "It's disturbing to see a second worm for Mac OS X so soon after the first, but it should be remembered that this is only two compared to well over 100,000 viruses for Microsoft operating systems," said Graham Cluley, senior technology consultant for Sophos. "The good news is that Inqtana is not going to spread successfully in the wild, but this announcement will still be a shock to those in the Mac community who thought hackers were not interested in their operating system."

Source - IT News Online

Firms Urged To Tackle Wi-Fi Hotspot Risks

Firms need to do more to ensure the security of mobile devices used by staff in Wi-Fi hotspots provided by wireless internet service providers (Wisps) or other third parties, according to a new report. Failure to do so could result in legal problems if, for example, data is stolen. The report, compiled by law firm Charles Russell in association with managed Wisp iBahn, says that although there have so far been no such legal actions in the UK, the dangers are increasing, which may push more companies to promote enforceable security policies. Robin Bynoe, a partner at Charles Russell, said, "If somebody is stupid enough not to protect their laptops then it comes down to who has got their small print in place [to avoid liability] – the Wi-Fi provider, the venue for Wi-Fi provision or the corporate. It's also important to educate users – if you don't tell people why [security is] important, they won't take any notice."

Source - computing.co.uk

Westpac's Anti-Keylogging Attempt Questioned

Some believe that Westpac's new anti-keylogging sign in page, is a joke and does not go far enough to ensure security. The bank last week launched a new sign-in page which uses an on-screen keypad designed to prevent the incidence of key-stroke logging fraud by removing the use of a keyboard to enter in passwords. Andrew Young who has worked in corporate IT for 10 years and has built web sites for three years, uses Westpac for his online banking, because he believes that overall it offers a good service. "But they just do stupid things sometimes, such as this new anti-keylogging sign-in page," he said. "Many key-loggers can record screen-shots and mouse movements, which totally nullifies this security upgrade, and this new system increases the risk of people being able to get your password especially if you are using the site in an office, Internet cafe or other public space where people can view your monitor." Another flaw is that the bank forces customers to use a short, fixed-length passwords of six characters, which Young says makes it easier for hackers to guess and remember passwords.

Source - PC World Australia

Google Admits Desktop Security Risk

Businesses have been warned by research company Gartner that the latest Google Desktop Beta has an "unacceptable security risk," and Google agrees. On Feb. 9, Google unveiled Google Desktop 3, a free, downloadable program that includes an option to let users search across multiple computers for files. To do that, the application automatically stores copies of files, for up to a month, on Google servers. From there, copies are transferred to the user's other computers for archiving. The data is encrypted in transmission and while stored on Google servers. The risk to enterprises, according to Gartner, lies in how this shared information is pooled by Google. The data is transferred to a remote server, where it is stored and can then be shared between users for up to 30 days. Gartner said in a report on Thursday that the "mere transport (of data) outside the enterprise will represent an unacceptable security risk to many enterprises," as intellectual property could be transported out of the business.

Source - CNet News

Chicago Planning for Citywide Wi-Fi

The nationwide rush to go wireless appears poised to extend to its biggest city yet. Chicago is launching an effort to offer wireless broadband, city officials said Friday, jumping on the Wi-Fi bandwagon as similar initiatives proceed in Philadelphia, San Francisco and smaller cities. Chicago has hundreds of Wi-Fi hotspots in places like coffee shops, bookstores and libraries, where anyone can walk in, sit down and connect to the Web. Hoping to extend that wireless blanket to all 228 square miles, the city plans to ask technology companies this spring to submit proposals for the project. While it's too soon to say how the system would operate, the goal is to make Internet access "broad and affordable" for residents and heighten Chicago's appeal for businesses and tourists alike, according to Chris O'Brien, the city's chief information officer.

Source - CNN

With Gates Leading The Call, IT Vendors Eye Cooperation On IT Security

Perhaps the best example today of collaboration among IT vendors to improve security is the Trusted Computing Group, an alliance of more than 120 companies led by Advanced Micro Devices, Hewlett-Packard, IBM, Infineon, Intel, Microsoft, and Sun. It has succeeded in getting a dedicated encryption and digital signature chip, the Trusted Platform Module, inside almost every business PC sold in the United States. At last week's RSA Conference on security, the group showed prototypes that use the chip to secure networking and make storage more secure, too. There's just one big problem for the computing group: The chip comes disabled by default, and it's not supported by Windows. Most people don't even know that they have one, let alone use it. It's an apt illustration of the state of collaboration in security today. While collaboration was one of the main topics of discussion at the RSA Conference, with some real products to back it up, it's clear that such security efforts have a long way to go.

Source - Security Pipeline

Incident Statistics January 2006

Spam-------------------------1227
Harassment-------------------3
Forgery------------------------9
Hack Threat------------------3
Malicious Code---------------1
Denial of Service-------------0
Intrusion---------------------26

Content Copyright MyCERT/NISER 2006
http://www.niser.org.my/statistics.html

Lac Léman, Genève - Magnifique vue depuis les hauteurs environnantes...

Lac Léman, Genève - Magnifique vue depuis les hauteurs environnantes..., originally uploaded by Great original pictures.