Live map shows cyber-war in real time

Cyber-intelligence firm builds heatmap to show online attacks around the world as they happen

A heat map depicting cyber-warfare as it happens has revealed the extent of the online attacks that ricochet between China and the United States. The mesmerising depiction has been created by Norse Corporation – a company that monitors global spyware and malware. The map is based on 130 terabytes of information gathered from 40 countries and eight million so-called "honeypots" – computers that emulate the kinds of programs cyber-attackers tend to attack, like ATM software and corporate email, BuzzFeed explains. The map shows a range of different information, including which country a cyber attack comes from, where it is aimed, and details about what kind of attack it is. The attacks it displays represent only one per cent of the total data Norse tracks. If the company attempted to display any more than that it would become illegible, it says. Although many of the attacks seem to be emanating from China, that impression may be misleading, NetworkWorld says, as "many attackers are good at masking their real location".  At time of writing, the five most frequently attacked countries appear to be the US, China, Singapore, UK and Thailand. And apart from China, the assaults seem to originate from the US, the Netherlands, Russia and what looks like a small island off the south coast of Ghana labelled "Mil/Gov". Rather than this being a secretive US military base in the Gulf of Guinea, it is in fact a random location on the equator that Norse has selected to represent cyber-attacks committed by and against the American government, where location data is unavailable. The map is "weirdly hypnotic" Quartz's Heather Timmons says, and looks rather "like the vintage video game Missile Command". Another tool that does a similar job is Kaspersky’s stunning interactive cyber threat map. Kaspersky Lab, a provider of anti-virus software has over 60 million users and detects more than 300,000 malicious objects every day. According to Kaspersky, the most infected countries in the world are currently Russia, India, Vietnam, the US and Germany. For further concise, balanced comment and analysis on the week's news, try The Week magazine. Subscribe today and get 6 issues completely free. Source: The Week UK, Image Courtesy: https://pbs.twimg.com/media/BrJK-NACMAERLH6.jpg:large

Read More........→July 15, 2014

Malware re-birth a new threat?

Indian Express, Agencies : Washington, Scientists have claimed that new breeds of malware could leave computer systems and even critical infrastructure defenceless to attack from cyber criminals or foreign governments. An international team, led by Murray Brand, says that a theoretical attack strategy it calls a malware rebirthing botnet would render existing antivirus measures obsolete by using different kinds of malware in a coordinated strike. The attacker would first use a worm to create a botnet of infected slave computers, then upload a honeypot programme to attract and capture other malware from the internet. The captured malware would then be sent back to the attacker and altered in what Brand calls a rebirthing suite, improving its defences against antivirus programs with anti-analysis tools and tailoring them for the coming attack before distributing them among the botnet. The attacker now has an array of advanced, customised malware that are extremely difficult if not impossible for antivirus programs to detect that can be deployed against a target system from multiple angles. "Recognition of malware is dependent upon an analyst having already analysed the behaviour of the malware and extracted an identifying signature," Dr Brand said. If the new malware is significantly different to any known malware, antivirus software is unlikely to recognise the threat until the malware has disabled it, say the scientists. Dr Brand says antivirus software is already struggling to keep up with the growing volume of malware rapidly appearing on the internet, more than 75 million by the end of 2011. He says one third of malware in existence was created in the first 10 months of 2010 and new threats are often not properly identified for 48 days, with another 48 hours to program new definitions. Dr Brand says the processing power needed to scan for and delete malware may soon outstrip capacity of most computers. "At the other end of the spectrum, customised malicious software that does have a coordinated objective could be used to take over control of critical infrastructure or network operations in a very stealthy manner," he added. Source: Indian Express

Read More........→September 21, 2013

Mums should don role of CyberMums to avoid kids being bullied online

Washington, May 10 (ANI): In today's day and age, an additional role that every mother should play is that of being a cyber-mother. That is because instead of being nurtured through their formative years, today's teens are meandering their way through an unrestricted virtual world with disturbing experiences like cyber bullying, befriending unknown strangers, getting into relationships and accessing provocative content. Arming our kids with the information they need and talking even more openly about the risks involved and how to deal with them, is a key agenda of being a new age mother. Moreover, taking up this new role has become more critical and urgent for Indian mothers than ever before. According to McAfee's Secret Lives of Teens survey of over 1500 Indian parents and teens, there is an evident discrepancy between parental perception and actual reality regarding the online activities of Indian teens. The survey shows that while parental concerns prevail, teens do end up sharing more dangerous information online, contrary to their parents' belief. This divide is attributed to the fact that Indian teens are growing up as "digital natives", with increasingly active online lives but lack of parental assistance; substantiated through some of the following statistics: 70 percent of the surveyed teens believe that they shouldn't share their home address online but 40 percent of them still do. Correspondingly, only 21 percent of the polled parents believe teens would have actually done so. Although 31 percent of the surveyed teens have met their online acquaintances in real life, only 17 percent parents are aware of this. 20 percent of the surveyed teens access porn / nudity online willingly several times a day but 32 percent parents think teens willingly access it only a few times a year. 38 percent of the surveyed teens have witnessed cruel / mean behaviour online whereas only 16 percent parents are aware of this. Interestingly, 70 percent of polled parents completely trust their teens to tell them everything they do online whereas 58 percent polled teens strongly believe that they know how to hide their online activities from their parents. This suggests that there are some real threats for children online and responsible cyber parenting is the need of the hour. (ANI), Source: newstrackindia.com, Image: flickr.com

Read More........→May 11, 2013

US to complete elaboration of cyber war doctrine

A Pentagon document on the US cyber war doctrine will be put on President Barack Obama’s table in the next few weeks. Part of the US military doctrine, the cyber warfare doctrine stipulates launching pre-emptive cyber-attacks against potential enemies.

The doctrine will help the US respond to global cyber security threats and challenges. In fact, Washington reserves the right to carry out cover cyber operations all across the world. It took Pentagon experts two years to map out the doctrine, according to which the US President is authorized to give orders on launching pre-emptive cyber-attacks on any objects on the Internet, which pose a danger to the US’ national security. A cyber-attack means the implantation of multiple pieces of malicious software on the Internet, explains Moscow-based computer expert Ilya Sachkov. This creates a dangerous precedent for international law, he warns. "Such things should be regulated by the UN, Sachkov says, referring to a possible cyber war. A decision on punishing the aggressor should be made by the international community rather than a separate country, something that will comply with a spate of relevant international treaties adopted after World War II." A top-secret document, the cyber warfare doctrine was specifically hammered out by Deputy National Security Advisor for Homeland Security and Counterterrorism John O. Brennan, who will soon become the new CIA director. Earlier, it was Brennan who mapped out rules on using US drones to destroy terrorists. According to The New York Times, the cyber warfare doctrine contains plenty of norms related to using US drones. US experts say that a possible enemy’s financial sector, infrastructure and economy may be hard hit by a US cyber-attack, which can be likened to a nuclear strike in terms of consequences. This is why it is the US President who is authorized to issue an order on staging a cyber-attack. Such an order was reportedly issued by Obama during a secret operation against Iran’s uranium-enrichment facilities in 2010. According to US media, the facilities’ software was seriously damaged by a US cyber-attack at the time. The US Cyber Command led by former National Security Agency chief General Keith B. Alexander was formed in the Pentagon in February 2011. According to the new doctrine, the US Cyber Command is responsible for defining the US’ cyber foes and objects of cyber-attacks. Source: Voice of Russia

Read More........→April 15, 2013

The Australian central bank has been hacked

The Reserve Bank of Australia has disclosed the results of its internal investigation of the cyber attacks that show characteristics of Chinese origin. The conclusions of the investigation are unequivocal. The RBA’s computer networks have been repeatedly and successfully hacked.

Although the results of the investigation are not fully public, some information has been published by the Australian Financial Review. It is worth stressing that the Austrian central bank was unwilling to disclose any information pertaining to the attacks and it was the investigative effort of the Australian journalists which has prompted a partial disclosure. So far, the mechanics of the attack have been described as “infiltration”, combined with the usage of “Chinese-developed malicious software”. An unnamed Australian official told the press that “the targeting of high profile events, such as the G20, by state-sponsored adversaries... is a real and persistent threat. Cyber intruders are looking for information on... the government’s intentions.” The analysts from Zerohedge point out that this attack appears to be related to the 2011 G20 summit “at which the French government has already confirmed over 150 computers were hacked for months with files redirected to Chinese sites”. Officials from the Risk Management Unit of the Reserve Bank of Australia have told the Australian Financial Review that “Bank assets could have been potentially compromised, leading to... information loss and reputation damage”. During the last several months, hackers have targeted numerous financial and governmental institutions. Private individuals are also not safe from hackers. Recently, a hacktivist group published the financial and personal information of American political figures and celebrities. It seems that both cyber warfare and cyber espionage have already become a major problem for governments, corporations and individuals. It is likely that a new arms race in the cyber security industry is already underway.TSource: Voice of Russia

Read More........→April 12, 2013