WEEKLY DATA SECURITY NEWS ROUND UP Ed. 13 December 10-14, 2012
Facebook Helps Feds Take Down and Arrest 10 Involved in a $850 Million Botnet Ring
WEEK IN NUMBERS
11 million - Number of computers under the control of the “Butterfly” botnet ring
800,000+ - Number of signatures gathered in protest of proposals at the WCIT 2012
1.6 million - Accounts leaked from NASA, the FBI, and other agencies by the hacker group “Ghost Shell”, a spinoff of Anonymous
With reverse engineering, the Facebook watchdogs were able to take an $850 million bite out of crime.
If you’ve ever received an odd Facebook chat message from a friend that said “Hey, Check out this Hilarious video! haha!” with a link provided, that means your friend was one of the many victims of the botnet ring that was taken down by authorities on Tuesday. This international botnet ring had hackers all around the world, including Bosnia, Croatia, Macedonia, and New Zealand, and controlled more than 11 million computers. The estimate of money lost over the years from this particular “Butterfly” botnet ring is $850 million!
To say Facebook “helped” the investigation is like saying NASA “helped” Neil Armstrong get to the moon. They have gotten very serious about protecting their users and the site itself, which has so much riding on its security. The press release issued by the Justice Department said that Facebook helped to “Identify the root cause, the perpetrators, and those affected by the malware”. So basically, they did the whole investigation.
Manos Antonakakis, a specialist in fighting botnets, says that “This is a major achievement for law enforcement, and we look forward to ... [tackling] emerging botnets out there”. Others, like Peter G. Neumann, a principal scientist at SRI International, aren’t as thrilled about the takedown, noting that it doesn’t tackle the fundamental issue of weak computer security. Tackling the core issue of weak computer security is always ideal, but in a time of constant change and emerging new malware, it’s not always possible. In this case, it’s good to see good old-fashioned capitalism hard at work to protect its investment and empire in the cyber-realm. Don’t get this law enforcement side of Facebook mixed up with them doling out cyberjustice for good; they are just making sure that if anybody is going to mess with their users, it’s going to be them.
Source: NYTimes, Wired
Global Internet Discussions at Dubai Come to a Close After Two Weeks and the Verdict? We’re Fine.
Last week, our headline story was about the World Conference on International Telecommunications (WCIT) and how it could affect the future of Global Internet laws. Many were very concerned, and outcries ranged anywhere from the Google VP to the popular website “reddit”. The sensationalist thread title “UN seriously considering government control over the internet...This means that we have two days to collect as many signatures as possible opposing this (link to petition)” appeared on the front page of the website for millions to see.
190+ nations plotting to take over full control of the internet!...Just kidding.
Now, reddit has rallied strong forces together before to oppose bills like SOPA and PIPA that legitimately threatened to strengthen U.S. censorship powers over the internet. However, when reddit gets serious about a cause, they start calling and e-mailing every single person in the House of Reps and the Senate, not signing a meaningless online petition. Even though this title and the petition made the front page, the top comment on the matter was made by user greg_lw, stating “imaginary threats call for drastic imaginary measures!”
This means nobody was really biting, with everyone realizing that the situation wasn’t all that threatening to begin with, and even if it was, an online petition with a million signatures wasn’t going to change a thing. Full details on what exactly was accomplished in the two-week meeting are being disclosed today, and the result is that no agreement was made. Key nations like the U.S. stated that they couldn’t “sign the agreement in its current form.” Terry Kramer, head of the U.S. delegation, went on to say that “The internet has given the world unimaginable economic and social benefit during these past 24 years, all without UN regulation. We candidly cannot support an ITU Treaty that is inconsistent with the multi-stakeholder model of internet governance.”
Source: Reddit, Avaaz, Theguardian
If You Use Internet Explorer, Someone Could be Tracking All Your Moves Right Now
“Don’t track me bro!”
Spider.io, a web analytics company, has found an exploit in the popular browser “Internet Explorer”, versions 6-10, that allows your mouse cursor to be tracked anywhere on the screen, even if IE is minimized. This is troubling because it also compromises virtual keyboards and keypads, which will eventually end up giving away key information such as a credit card or social security number. The reason this hack stands out from the rest is that it’s a vulnerability that really only exists in Internet Explorer, and even if you don’t download or click on a single bad link, it can still happen. The attacker can get access to the mouse movements by simply getting an ad slot on any webpage, including big guys like YouTube and NYTimes. Once IE hits that page with the infected ad and it remains open (even if minimized or on a different tab), it gives access to track all of your mouse movements and virtual keyboard/keypad entries. You can check out the full post, including demonstrations of how the hack works and how it tracks, on spider.io’s blog.
Source: Spider.io
DID YOU KNOW? K logix just released its “Feats of Strength”, which includes the real cost of data loss and current trends in the industry. It’s awesome.
According to McAfee, A Massive Cyberattack on 30 U.S. Banks is on the Horizon
Just as useful as a tip to the cops at a brick-and-mortar bank location, information exposing this large-scale cyberattack has already helped immensely in stopping it entirely. On Thursday, McAfee released a report about “Project Blitzkrieg” which details the plans of hackers to attack 30 major U.S. banks in the spring of 2013. Project Blitzkrieg began as a massive cybercriminal recruiting campaign, headed by a Russian mafia leader with the nickname “NSD”. The idea was essentially “You do the hacking, we’ll do the planning, and we all walk away rich”. RSA actually first uncovered parts of Project Blitzkrieg back in the fall, and since then, murmurs about the big attack have gone dark on forums that were once actively talking about it.
Bill Wensley, a senior VP at Booz Allen Hamilton and a specialist in cybersecurity, said “If you catch something early on, you can minimize the threat, it’s definitely worthwhile to get a heads up.” Nobody will disagree with that, but in this case just exposing the cybercrime ring itself seems to have done enough to deter the efforts. The banks will still prepare 100%, however, as the banks that did prepare for last month’s attacks, the largest DDoS attack seen in recent history, took the least amount of damage. Either way, “Project Blitzkrieg” communications might’ve just been taken offline and postponed, in which case the banks need to be prepared at any moment for a large-scale attack.
Source: CNNMoney