Saturday, October 21, 2017

Tag: Facebook

"If we’re lucky, we might even be able to see a real NSA spy," event page says.
The software and cloud services giant joins Facebook and Google in confronting allegations that PRISM enjoyed deep access to user data, including encrypted communications in Microsoft's case. U.S. intelligence agencies had methods of circumventing the security and encryption safeguards placed on popular cloud services from Microsoft, including SkyDrive, Skype and Outlook.com (formerly Hotmail), alleged a July 11 report from The Guardian. Microsoft played a key role in facilitating access to user data by cooperating with the U.S. National Security Agency (NSA) and the Federal Bureau of Investigation (FBI), according to the report.

Since NSA contractor Edward Snowden first sparked the PRISM spying controversy, major technology firms including Apple, Google and Facebook have been battling allegations that the U.S. government enjoyed direct access to the servers in their cloud data centers and the user data contained within. In a brief July 11 statement, Microsoft addressed the latest accusations and reiterated the company's stance on government requests for data. Microsoft asserts that it provides customer data only in response to legal process and that its compliance team examines each demand, rejecting those that aren't valid. "We only ever comply with orders about specific accounts or identifiers, and we would not respond to the kind of blanket orders discussed in the press over the past few weeks, as the volumes documented in our most recent disclosure clearly illustrate," the company stated. "To be clear, Microsoft does not provide any government with blanket or direct access to SkyDrive, Outlook.com, Skype or any Microsoft product," according to Microsoft.

The company also stated that the law prevents it from discussing matters that may clarify the situation. "Finally when we upgrade or update products, legal obligations may in some circumstances require that we maintain the ability to provide information in response to a law enforcement or national security request. There are aspects of this debate that we wish we were able to discuss more freely," read the statement.

Microsoft filed a motion on June 19 with the U.S. Foreign Intelligence Surveillance Court seeking "to report aggregate information about FISA orders and FAA [FISA Amendments Act] directives," claiming a First Amendment right to disclose such information.

Microsoft's response mirrors those of other tech titans accused of allowing the government what amounts to unrestricted access to user data. Facebook CEO Mark Zuckerberg took to his company's own social media platform to shed some light on "outrageous press reports about PRISM." In a June 7 Facebook post, Zuckerberg wrote that his company "is not and has never been part of any program" to give government direct access to its servers. "We have never received a blanket request or court order from any government agency asking for information or metadata in bulk, like the one Verizon reportedly received," said Zuckerberg.

Likewise, Google's top brass sounded off against reports that Google had an open-door policy when it came to U.S. intelligence gathering. Google CEO Larry Page and Chief Legal Officer David Drummond stated in a June 7 blog post titled "What the ...?" that the company had "not joined any program that would give the U.S. government—or any other government—direct access to our servers." They added, "Indeed, the U.S. government does not have direct access or a 'back door' to the information stored in our data centers." Reports suggesting that Google "is providing open-ended access to our users’ data are false, period."
"Anonymous good Samaritan" donates the $500,000 needed for Justin Carter's bail.
Security-watchers don't appear overly impressed with Twitter's introduction of two-factor authentication (2FA) to its service. While some infosec experts welcomed the move, others argued that while it might help protect the accounts of individuals, it is ill-suited to the safeguarding of shared accounts of organisations - many of which have fallen victim to recent hijacking attacks. On 22 May, users of...
Does your password go up to 11? Probably not. But one day it could.
In this infographic you can find out more about our security infrastructure and an overview of the tools available to all our users to increase their level of account security.
According to news coming out of the Australian Financial Review on Monday, the Reserve Bank of Australia (RBA) was hit by attackers who infiltrated its networks and allegedly stole information. But should we really be surprised? While Australia's banks being hit by Chinese hackers makes for a great headline, the reality is that there's nothing particularly different about this attack than ones that have occurred in the past. According to Freedom of Information documents (PDF) released by the RBA in December last year, the attackers' point of entry was via an email.

The email, which was sent in November 2011, contained a link to a malicious website that, if clicked, would download malware to the victim's computer. It was sent, undetected by the RBA's security systems, to "several bank staff, including senior management up to head of department", and was ultimately successful — six people clicked the link and infected their machines. While that elicits all sorts of buzz phrases like "advanced persistent threat" and "highly targeted" to go along with state-sponsored hacking, it's actually not particularly difficult to put together a list of names and email addresses.

A quick LinkedIn search shows a couple of heads of departments and some 352 results for RBA employees. Grabbing email addresses? Easy. Usernames for the rba.gov.au domain are employees' last names followed by the first letter of their first name. The RBA's defences were bypassed because its antivirus systems failed to flag the malware. That might sound sophisticated, but run a piece of malware through VirusTotal and it quickly becomes apparent that many vendors either miss recently authored malware completely, or take a while before they are aware of the threat.
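To show how little work the target list takes, here is an added example (not code from the article, the RBA or any tool it mentions) that turns a list of names into candidate addresses. It takes one fact from the article, the "last name plus first initial" convention; the names, the single "observed" address used to confirm the convention, and the example.com domain are all constructed. The same script is useful on the defensive side: run it against your own directory and you know exactly how predictable your mailbox names are, and which staff collide on one address.

```python
"""Candidate address generation from an observed naming convention.

Added example. Names, the 'known' address and the domain are constructed;
the only fact taken from the article is the last-name-plus-first-initial
convention it attributes to the rba.gov.au domain.
"""
import re
import unicodedata
from collections import defaultdict

# Username conventions commonly seen in organisations. Fields: first, last,
# f (first initial), l (last initial).
PATTERNS = {
    "last_f": "{last}{f}",        # the convention the article describes
    "f_last": "{f}{last}",
    "first.last": "{first}.{last}",
    "first_last": "{first}_{last}",
    "first": "{first}",
}


def normalise(name):
    """Lower-case, strip accents and drop anything that is not a-z,
    so 'Müller-Lee' and 'O'Brien' become 'mullerlee' and 'obrien'."""
    nfkd = unicodedata.normalize("NFKD", name)
    ascii_only = nfkd.encode("ascii", "ignore").decode()
    return re.sub(r"[^a-z]", "", ascii_only.lower())


def username(pattern, first, last):
    """Render one pattern for one person."""
    first, last = normalise(first), normalise(last)
    return pattern.format(first=first, last=last, f=first[:1], l=last[:1])


def infer_patterns(known):
    """Given (first, last, observed_username) samples scraped from public
    sources, return the names of every pattern all samples agree with.
    One real address is usually enough to pin the convention down."""
    return [name for name, pat in PATTERNS.items()
            if all(username(pat, f, l) == u.lower() for f, l, u in known)]


def generate(pattern_name, people, domain):
    """Return {address: [full names]} so that two people mapping to one
    mailbox show up as a collision instead of being silently dropped."""
    out = defaultdict(list)
    for first, last in people:
        addr = "%s@%s" % (username(PATTERNS[pattern_name], first, last), domain)
        out[addr].append("%s %s" % (first, last))
    return dict(out)


# Constructed input: names as they might appear on a public profile, plus
# one address seen on a public page that reveals the convention.
KNOWN = [("Alice", "Smith", "smitha")]
PEOPLE = [("Alice", "Smith"), ("Bob", "O'Brien"),
          ("Zoë", "Müller-Lee"), ("Ann", "Smith")]

if __name__ == "__main__":
    fits = infer_patterns(KNOWN)
    print("convention(s) consistent with the known address:", fits)
    for addr, names in generate(fits[0], PEOPLE, "example.com").items():
        flag = "  <- collision" if len(names) > 1 else ""
        print(addr, names, flag)
```

Collisions matter both ways: an attacker will simply send to the shared address, while a defender who sees two "Smith, A." entries mapped to one mailbox has found an account whose owner is ambiguous to everyone, including the help desk.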

And "customised" malware that's capable of evading detection sometimes doesn't have to be much more than a few changes to a toolkit. There's additionally the argument that's been floating around the security industry for the past few years that protection using signatures and heuristics alone is a fallacy, and that network forensics matter more. Of course, toolkit-based malware doesn't necessarily have the level of sophistication to take over a computer and dig for information the way malware using a zero-day can, and the malware used against the RBA wasn't at that level either. The incident summary includes a line downplaying the issue, stating, "of note, all of the affected PCs did not have local administrator rights. This prevented the virus from spreading".

And before we jump all over those six employees, what were their backgrounds? We don't know whether they were technologically savvy people, or just those who, like a huge proportion of Australians, need to use a computer to do their job. We might never know. But we do know that even the most tech-savvy people fall for phishing schemes from time to time.
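The "few changes to a toolkit" point is easy to demonstrate. The following is an added example, not from the article or any antivirus vendor: a toy scanner with three rules written against a constructed stand-in for a toolkit-built payload (a header, an operator-edited config block and a fixed code stub). The "customisation" step is exactly what a campaign operator does anyway, namely swap the C2 address and pad the file, and it shows which rules survive that and which don't. The sample bytes, the rules and the addresses are all constructed; no real malware or vendor signature is involved.

```python
"""Why trivial customisation defeats hash- and string-based signatures.

Added example. TOOLKIT_SAMPLE is a constructed byte string standing in for a
toolkit payload; the rules are made up for illustration.
"""
import hashlib
import re

# Constructed stand-in for a toolkit-built payload: a magic header, a config
# block the operator edits per campaign, and a fixed code stub the toolkit
# emits unchanged for every build.
TOOLKIT_SAMPLE = (
    b"TKIT\x01\x00"
    b"[cfg]c2=203.0.113.10:443;sleep=60;\n"
    b"\x55\x48\x89\xe5\x48\x83\xec\x20"   # stub an analyst could key a rule on
    b"\xe8\x00\x00\x00\x00\xc3"
)

# Three rules a product might ship after analysing the first sample.
RULES = {
    # Whole-file hash: matches exactly this build and nothing else.
    "hash": {"type": "sha256",
             "value": hashlib.sha256(TOOLKIT_SAMPLE).hexdigest()},
    # Byte pattern over the toolkit's fixed stub; the last byte is wildcarded.
    "stub": {"type": "pattern", "value": rb"\x55\x48\x89\xe5\x48\x83\xec."},
    # String pattern over campaign-specific config: brittle by construction.
    "c2": {"type": "pattern", "value": rb"c2=203\.0\.113\.10"},
}


def scan(blob, rules=RULES):
    """Return the names of the rules that fire on blob."""
    digest = hashlib.sha256(blob).hexdigest()
    hits = []
    for name, rule in rules.items():
        if rule["type"] == "sha256" and rule["value"] == digest:
            hits.append(name)
        elif rule["type"] == "pattern" and re.search(rule["value"], blob):
            hits.append(name)
    return hits


def customise(sample, new_c2, padding=16):
    """The operator's 'few changes': new C2 address and some trailing
    padding. The code stub is untouched, so the behaviour is identical."""
    return sample.replace(b"203.0.113.10", new_c2) + b"\x00" * padding


if __name__ == "__main__":
    variant = customise(TOOLKIT_SAMPLE, b"198.51.100.7")
    print("original build fires:", scan(TOOLKIT_SAMPLE))
    print("customised build fires:", scan(variant))
```

Only the rule keyed on what the toolkit itself emits survives; the hash and the campaign string are both invalidated by edits the operator makes before every campaign. That is the practical reason signature-only coverage lags new builds, and why the article's point about looking at network behaviour (the C2 connection still has to happen) carries weight.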

Take a Facebook developer — someone you would reasonably expect to know about protecting intellectual property, especially when they have access to live systems. Facebook's own "Loopback" project, designed to test its own security, saw a developer fall victim to a spear-phishing email. His infected machine then altered the code he was working on, pushing a backdoor (disabled by Loopback's coordinators) to Facebook's live servers. This sort of thing likely happens all the time.

The fact that it happened to six employees at the RBA isn't anything out of the ordinary. The RBA seems to agree, judging by its response. It essentially suggested deploying updated virus signatures, looking for links in emails and possibly blocking the download of certain file types from the internet via web browsing. It did not consider any changes to its risk register, and the team doing the security analysis didn't think it needed to, either. While that covers the technology side of the issue, what about the human side? The RBA wrote that "while users are aware of the need for caution with suspicious attachments, such awareness is unlikely to protect the bank from credible-looking emails and attachments". Its own documentation lists the "severity of actual impact" as minor, and although it states that "bank assets could have been potentially compromised, leading to service disruption, information loss, and reputation", it does not, in the RBA's incident report summary, list the incident as having financial, legal and compliance, or reputational impacts. It did contact the Defence Signals Directorate (DSD), which might lead some to think this is a national security dilemma. But the reality is, doing so is just good practice.

The DSD's Information Security Manual states that agencies are recommended to coordinate their reporting of cybersecurity incidents to DSD. This is not only to help gain appropriate assistance, if it is needed, but also to help the government maintain a better perspective on attacks conducted against it. Does this mean we're not in some form of "cyber" war with scary foreign nations? Not at all. China's probably hacking us, just as we and the US are hacking them, and anyone else that falls under our radar. We just shouldn't be surprised that it happens. Subsequent to this article being written, the RBA issued the following statement: As reported in today's media, the bank has on occasion been the target of cyberattacks.

The bank has comprehensive security arrangements in place which have isolated these attacks and ensured that viruses have not been spread across the Bank's network or systems.

At no point have these attacks caused the bank's data or information to be lost or its systems to be corrupted.

The bank's IT systems operate safely, securely, and with a high degree of resilience. The bank takes cybersecurity and its potential consequences extremely seriously.

As part of its extensive efforts to ensure that security arrangements are best practice, the bank routinely consults with the Defence Signals Directorate and draws on the expertise of specialist private firms.

There is ongoing rigorous testing of the bank's IT systems and regular training of staff.
Malware, hackers, spam, identity thieves and more – which antivirus package should you invest in to prevent them playing havoc with your life? We test 10 of the best antivirus apps available Antivirus isn't something you can get away without any more, and if you think you can't be infected, chances are there's a virus writer somewhere ready and willing...