IT and Cyber Security News Update from
Centre for Research and Prevention of Computer
Courtesy - Sysman Computers Private Limited, Mumbai (www.sysman.in)
Since June 2005 December 24, 2014 Issue no 1522
Tenth year of uninterrupted publication
(Click on heading above to jump to related item. Click on Top to be back here)
Dec 23, 2014
NEW DELHI: Central intelligence agencies are planning to look at the revenue model of prominent social networking websites like Twitter, Facebook and YouTube to see how the government could ensure that these sites act on its call for action against terror content and efforts to target India. The move follows activity on Twitter and Facebook where content has been floated with a concerted effort to show that Indian agencies were behind last week's bloody terrorist attack on a school in Pakistan.
"We expect these social networking websites to be more responsible in blocking such content and one way to enforce that could to be study their revenue model in India," a senior intelligence official told ET. He added that since servers of the websites are located abroad, the government needs to study "other avenues" to get the online networks to act. A Twitter representative declined comment.
A source at one of the social networking websites said their revenue model was no different in India than abroad and that there was some sort of disconnect between the technology and the government's understanding of it. In fact, the social networking websites had been in touch with India's security establishment and had even held workshops for their officials, the source said. Twitter has meanwhile taken some steps, such as blocking the account of India's most wanted terrorist, Mohammad Hafiz Saeed.
Government steps on cyber security were exposed earlier this month when it was revealed that the country's intelligence agencies were unaware of the activities of a Bengaluru man who was tweeting ISIS propaganda. Home Minister Rajnath Singh, in consultation with National Security Advisor Ajit Doval, subsequently set up a committee of intelligence officials, including private experts, to help the National Technical Research Organisation and the Intelligence Bureau to draw up a mechanism for effective monitoring of social media for terror content.
Pinar Yildirim and Andrea Matwyshyn discuss the Sony hack.
Dec 22, 2014
The cyberattacks on Sony Pictures in response to a movie that depicts a plot to kill North Korean leader Kim Jong-un should serve as a wake-up call in the digital age for companies that have hitherto been lax on information security.
That is the major takeaway for companies who are watching this train wreck and breathing a sigh of relief that it wasnt them, according to Andrea Matwyshyn, a law professor at Princeton University. The hacking has been a public relations nightmare, for Sony, adds Wharton marketing professor Pinar Yildirim, as leaks of internal communications have fractured relationships and cast major Hollywood players in an unflattering light.
The two experts discussed the likely fallout on the Knowledge@Wharton show on Wharton Business Radio on SiriusXM channel 111. Listen to the podcast at
Sonys latest troubles began as it prepared for a Christmas release of The Interview, a satirical comedy about the attempted assassination of the North Korean leader. An angry North Korea wanted Sony to can the movie, and its state news agency threatened to target all the citadels of U.S. imperialists if the movie was released. In recent weeks, hackers broke into Sonys systems and leaked troves of company files and emails. The hackers warned of 9/11-style attacks, which led major movie theater chains and cable broadcasters to decline to screen the movie.
Hands tied, Sony last week canceled the Christmas release of The Interview. The Federal Bureau of Investigation blamed North Korea for the hacking, but the dictatorship denied it and called for a joint investigation with the U.S. The situation escalated with President Barack Obama stating that the U.S. will respond at a time and place and manner that we choose, and North Korea warning of grave consequences if the U.S. were to do so.
For Sony, the fallout goes far beyond battling accusations from freedom-of-expression activists that it caved to demands from hackers. The 38 million files hackers stole and distributed on file-sharing sites include screening versions of five forthcoming films and the script of a new James Bond movie, in addition to Sony executives emails, and salary and other personal information. [The consequences] may go beyond the movie . [Sony] may face lawsuits for not protecting employee information, said Yildirim. So it is a much worse nightmare for Sony.
A Multi-Faceted Threat
Its been an enterprise-wide, multi-technology faceted attack, Matwyshyn said of the hacking. I hope [companies] will go back to their chief security officers to see what they can do to ensure this doesnt happen to them. She added that companies must create processes to ensure on an ongoing basis that they are vigilant and prepared not only to prevent such cyber attacks, but also to contain the damage once it is underway. It can only happen proactively with the cooperation of not only the IT staff [at companies]; it has to come from the top.
Companies across the entertainment industry must be scurrying today making sure all their processes are squared away and up-to-date, said Matwyshyn. Yildirim agreed that many of the movie studios must be thinking of protecting themselves.
Across a broader spectrum, Matwyshyn said companies must have a board member in charge of strengthening their IT security systems. Particularly for more traditional companies, this is a real challenge it is a cultural shift that needs to happen, she noted. It cant happen overnight and it is a somewhat painful process. But the reality of the digital age is that intangible assets matter at a whole new level now. Twitter
Many companies in the entertainment industry may already be in the sights of hackers, warned Matwyshyn. Chances are you are already on the radar of many different people who may already be setting up malware in your networks and just hanging out and waiting for the right time to spring their desired attack, she said. If you dont have [security controls] in place, you are a sitting duck. It is only a question of when and how severe it will be.
A loss of trust is another casualty companies could face if their security systems are weak. Yildirim cited the damage-control moves by Sony Pictures co-chair Amy Pascal after the hackers released her emails on James Bond candidates and other sensitive information. It could have long term impact on trust with [Pascal], she said. The message to the broader movie community is to avoid making [such potentially controversial] comments, especially on the Internet.
Matwyshyn said the impact would have been devastating if the leaks had involved a companys sensitive research and development information, and that it should be a call for action. If the basics of due care arent visible in your enterprise from the top down in terms of security, you will have a really hard time explaining why the losses are so devastating to your shareholders, to your board, to the outside public, she said. A hacking incident similar to Sonys may also put off future business partners who may perceive your business to be run sloppily, and may not want to do business with you in the future and trust their sensitive information [with you], she added.
An Unsophisticated Attack
According to Matwyshyn, the Sony breach was not actually a very sophisticated attack because many pieces of the malware and the ways they compromised the systems are well known in the information security industry, she said. She speculated that the perpetrator of the attacks could have been some IT criminal enterprise or a bunch of disgruntled IT administrators that were fired and want to do reputational and financial harm to the company.
The only plus of the Sony hacking from the companys perspective could be a heightened interest among moviegoers to go see The Interview. Studies show that if movies are pirated closer to the release date and if they are in file sharing environments, it might increase demand for the movie, said Yildirim. She predicted that after some time has passed, Sony may screen the movie, or parts of it, or that a bootlegged version will surface.
But Officials Say No Risk To Safety Of Reactors
By Meeyoung Cho
SEOUL (Reuters) - Computer systems at South Koreas nuclear plant operator have been hacked, but only non-critical data has been lost and there is no risk to the safety of nuclear installations including the country's 23 atomic reactors, the company and the government said on Monday.
The attacks come amid concerns that North Korea may mount cyberattacks against industrial and social targets after accusations by the United States that Pyongyang was responsible for a devastating hacking assault on Sony Pictures.
South Korea is still technically at war with the North.
South Korea's energy ministry said it was confident that its nuclear plants could block any infiltration by cyber attackers that could compromise the safety of the reactors.
"It's our judgment that the control system itself is designed in such a way and there is no risk whatsoever," Chung Yang-ho, deputy energy minister, told Reuters by phone.
An official at Korea Hydro and Nuclear Power Co Ltd (KHNP), the nuclear plant operator that is part of state-run Korea Electric Power Corp, told Reuters that the hacking appeared to be the handiwork of "elements who want to cause social unrest".
"It is 100 percent impossible that a hacker can stop nuclear power plants by attacking them because the control monitoring system is totally independent and closed," the official said.
Neither Chung nor the KHNP official made any mention of North Korea.
They also said they could not verify messages posted by a Twitter user claiming responsibility for the attacks and demanding the shutdown of three aging nuclear reactors by Thursday.
The user who was described in the posting as chairman of an anti-nuclear group based in Hawaii said more documents from the nuclear operator will be posted if the reactors are not closed.
Seoul prosecutors are conducting a criminal probe into the leak of data from KHNP, including blueprints of some nuclear reactors, electricity flow charges and radiation exposure estimates.
They have traced the IP used for a blog carrying the stolen documents to an online user in a southern city who has denied knowledge about the postings and claimed his user ID has been stolen.
BAE releases five predictions for the year ahead
by Catherine Neilan
23 December 2014
This year has had more than a few digital crimes committed, ranging from the North Korea Sony hack, which is still playing out, to the iCloud hack known as iBrute, resulting in nude photos of celebrities being published online.
But what does 2015 hold in store for digital crime, and how can we protect ourselves against the next wave of cyber criminals? BAE Systems Applied Intelligence has five predictions for the what we should be looking out for:
1. Fragmentation of cyber criminal activities
The past five years have seen an increasing industrialisation of the cyber criminal marketplace, BAE says. Specialists working across malware, counter-AV testing, spamming, hosting, card cloning and money-muling, among others, have developed markets of their own. According to the defence group this means crime as a service is a reality, lowering the barrier to entry for budding criminals and fuelling the growing threat, year after year.
BAE says this fragmentation will become increasingly challenging for those working in security to counter, arguing for greater law enforcement to be deployed. This should enable them to ramp up the number of simultaneous investigations and make disruption a business as usual activity, says BAE's managing director of cyber security Scott McVicar.
2. Hyper regulation
Knowing that they could be fined millions of dollars, financial institutions are no longer happy to simply comply with regulations: they want to actively search out money launderers and other criminals.
We believe more organisations will hire more big hitters from the law enforcement and national security world to show they are serious about stopping the criminals, McVicar says.
There will be better integration working across departments as they attempt to detect and tackle the problem.
3. The next industrial revolution
The Internet of Things is going to bring us the next industrial revolution, resulting in the automation of many tasks and massive productivity gains. But security professionals are already warning about what that could mean for security, particularly with machines such as cars and medical equipment becoming part of the connected world.
That will change the way we approach security, McVicar believes. We anticipate that 2015 will see increased focus on building in security-from-the-start for the next industrial revolution, he says. Rather than being an impediment, we expect that good security can actually speed up the realisation of this next industrial revolution.
4. Hiding hackers
BAE expects that next year cyber attackers will go to greater lengths to hide their identity and improve their own security, which could seriously hamper the emerging methods used to locate hackers, which risks casting a shadow over the field of threat intelligence. McVicar says: Researchers will need to adopt practices from the professional intelligence community and tread more carefully when drawing conclusions about who is ultimately behind cyber attacks.
5. Crunch time for Big Data
Big Data is going to mature next year, with competing platforms, support services and a strong market for developers, data scientists and so on. As a result, business leaders want to see real results from their technology teams.
McVicar believes this will focus minds, shifting their approach from thinking about getting more data in to getting more out of existing data.
There will be a shift from technologies which enable storage and basic reporting to those which enable meaningful intelligence to be extracted. Use-cases such as network monitoring, fraud-detection, and security analytics will be popular driven by the increasing overlap between cyber threats and other risks and more focused board-level attention on managing cyber security across the business, he adds.
Stands for "Dynamic Link Library." A DLL (.dll) file contains a library of functions and other information that can be accessed by a Windows program. When a program is launched, links to the necessary .dll files are created. If a static link is created, the .dll files will be in use as long as the program is active. If a dynamic link is created, the .dll files will only be used when needed. Dynamic links help programs use resources, such as memory and hard drive space, more efficiently.
DLL files can also be used by more than one program. In fact, they can even be used by multiple programs at the same time. Some DLLs come with the Windows operating system while others are added when new programs are installed. You typically don't want to open a .dll file directly, since the program that uses it will automatically load it if needed. Though DLL filenames usally end in ".dll," they can also end in .exe, .drv, and .fon, just to make things more confusing.
Few Men desire Liberty; most Men only wish for a just master.