Home Tags Prince

Tag: Prince

Prince’s music will be on Spotify and other services starting Sunday

When you're facing a $100M tax bill, it's time to make a deal.

Satan enters roll-your-own ransomware game

Code named for Prince of Darkness offers commissions for spreading evil Satan is infecting computers, encrypting files and demanding ransoms. No, we're not talking about the prince of darkness itself, but an underground ransomware service bearing its name.
It's devilish code: net demons wielding it can create a customised ransomware payload that will encrypt a victim's files with RSA-2048 bit and AES-256 bit encryption. Those Satan enslaves are directed through the many circles of the Tor network in order to pay a bitcoin ransom that varies in size. The Satan ransomware is available openly on the Tor network and presents punters with a slick form through which the malware is customised. The established malware researcher known as Xylitol reported the malware El Reg ignored VXers' constant pleas "not upload malware to VirusTotal" by promptly uploading the ransomware to VirusTotal, finding that it was detected by about half of antivirus scanners, although this number can differ thanks to heuristics and other antivirus dynamic checks not covered by the lauded online security service. Malware that is uploaded to VirusTotal is at risk of being discovered by anti-virus engines and security researchers. Should you choose to spread the word of Satan, the hell-code's authors claim to take a 30 per cent cut of any ransoms paid to customers. "The bitcoin paid by the victim will be credited to your account. We will keep a 30 percent fee of the income … [which] will become lower depending on the number of infections and payments you have." The service will help customers encrypt their files and wrap it in Word document macros and installers.
It is up to customers to decide how to disseminate the malware, but most arrive by phishing. Create your malware.
Satan's panels. Satan is not alone in its evil ways: other ransomware-as-a-service offerings including a JavaScript-based instance have been uncovered. Many ransomware variants have been undone by white hat hackers working under the No More Ransom Alliance to find and exploit holes in the malware that allows free file decryption. The Alliance unifies previously un-co-ordinated ransomware reversal efforts.

The Reg expects it won't be long before the Alliance's forces are arrayed against Satan's in an effort to unravel its encryption and bring the good word to the afflicted. ® Sponsored: Customer Identity and Access Management

Terrorists are winning the digital arms race

Terrorist groups are embracing a huge number of digital tools to recruit members and plan attacks, putting them a step ahead of governments trying to combat them, a group of counterterrorism experts said. Twitter removed about 250,000 accounts connected with ISIS in one year, but the terrorist group uses 90 other social media platforms, Rob Wainwright, the director of Europol said Tuesday.

Terrorist groups have begun to live stream their attacks, and they are using the internet to launch “innovative crowdfunding” campaigns, he said at the World Economic Forum in Davos-Klosters, Switzerland. “The technology is advanced,” Wainwright added. “They know what to do, and they know how to use it.” It’s imperative that countries start working more closely together to combat terrorism and to develop an online counternarrative that dissuades potential members from joining groups like ISIS, said members of a panel on terrorism in the digital age. Governments need to trust each other more and be willing to share their terrorism intelligence, said Prince Turki bin Faisal Al Saud, former director of national intelligence in Saudi Arabia. “Terrorist is a cancer,” he said. “The terrorist cell uses these online methods to metastasize.” Raheel Sharif, former chief of staff for the Pakistani army, called for a combination of tough penalties for violent terrorists and deradicalization education efforts for others. Pakistan, in recent years, has cut the number of terrorist attacks in the country dramatically, he said. But Prince Turki emphasized the need for a stronger counternarrative, on the internet and in schools, churches, and mosques.

Tough penalties for terrorists need to avoid collateral damage to innocent people, he said.

Counterterrorism efforts cannot “eliminate the terrorist and create 10 others,” said Prince Turki, now chairman of the King Faisal Center for Research and Islamic Studies. Counterterrorism efforts cannot “eliminate the terrorist and create 10 others,” said Prince Turki, now chairman of the King Faisal Center for Research and Islamic Studies. Some panelists suggested that a culture of free speech online complicates efforts to fight terrorism.

The international community needs to find a balance between freedom of expression and safety, said Yemi Osinbajo, vice president of Nigeria. “Each person has a ... digital device, and it has tremendous power,” he said. “They don’t even require any formal agreements. [Anyone] can reach millions of people.” Europol’s Wainwright also seemed to suggest some limits on free speech. “We want to enjoy, we want to protect the freedom of the internet, but not to such an extent that there are absolutely no rules of governance,” he said. Panelists disagreed about the effectiveness of current online efforts to craft a counterterrorism message.

Efforts in the U.S. and elsewhere to counter online terrorism campaigns have been “singularly unsuccessful,” said Louise Richardson, vice chancellor at the University of Oxford. But Wainwright disagreed, saying some counternarrative efforts appear to have reduced the number of Europeans and U.S. residents joining ISIS.

But more efforts are needed to counter the “fake news” terrorist groups are putting out about themselves, he added.

US Navy runs into snags with aircraft carrier’s electric plane-slingshot

EMAL system was nearly bought by the UK. Bullet dodged? Oh no The US Navy is having difficulties with its latest aircraft carrier's Electromagnetic Aircraft Launching System (EMALS) – the same system which the UK mooted fitting to its new Queen Elizabeth-class carriers. The US Department of Operational Test and Evaluation (DOTE) revealed yesterday, in its end-of-year report [PDF] for financial year 2016, that the EMALS fitted to the new nuclear-powered carrier USS Gerald R. Ford put "excessive airframe stress" on aircraft being launched. This stress "will preclude the Navy from conducting normal operations of the F/A-18A-F and EA-18G from CVN 78", according to DOTES, which said the problem had first been noticed in 2014. In addition, EMALS could not "readily" be electrically isolated for maintenance, which DOTE warned "will preclude some types of EMALS and AAG (Advanced Arresting Gear) maintenance during flight operations", decreasing their operational availability. The Gerald R. Ford is supposed to be able to launch 160 sorties in a 12-hour day – an average of one takeoff or landing every 4.5 minutes. She is supposed to be able to surge to 270 sorties in a 24-hour period. Britain considered fitting EMALS to its two new Queen Elizabeth-class aircraft carriers right back at the design stage. Indeed, the ability to add catapults and arrester gear to the ships was specified right from the start. Lewis Page, late of this parish, summed up what happened when the government tried to exercise that option: "... it later got rescinded, on the grounds that putting catapults into the ships was not going to cost £900m – as the 2010 [Strategic Defence and Security Review] had estimated – but actually £2bn for [HMS] Prince of Wales and maybe £3bn for Queen Elizabeth. This would double the projected price of the two ships." The Aircraft Carrier Alliance – heavily dominated by BAE Systems – had not designed the new carriers to have EMALS fitted at all, taking advantage of naïve MoD civil servants who didn't get a price put into the contract for the conversion work. Bernard Gray, chief of defence materiel, told Parliament in 2013: Because the decision to go STOVL [that is the initial decision for jumpjets] was taken in, from memory, 2002, no serious work had been done. It had been noodled in 2005, but no serious work had been done on it. It was not a contract-quality offer; it was a simple assertion that that could be done, but nobody said, "It can be done at this price", and certainly nobody put that in a contract. The US woes with EMALS are not complete showstoppers. EMALS is a new design, technology and piece of equipment, up against mature steam-powered catapult tech which hasn't really changed in more than five decades. Gerald R. Ford is the first-of-class of the new breed of US aircraft carriers which will see that country's navy through to the second half of this century. That said, the fact that problems identified in 2014 are still a problem two years later, and make it impossible to safely deploy fully-loaded combat aircraft, may come back to bite the US Navy. Oddly, Gerald R. Ford's timetable for introduction into service – handover to the USN early this year, flight testing in 2018 and 2019, and operational deployment by 2021 – closely mirrors that of HMS Queen Elizabeth. Britain's new aircraft carriers have no catapult system at all. The only fast jets capable of flying from them are Harriers (as operated by the US Marine Corps) and the F-35B. HMS Queen Elizabeth, whose sea trials date keeps slipping back to later and later this year, is planned to carry about 20 F-35s on her first operational deployment to the South China Sea in 2021. Sources tell The Register that plans to operate F-35s from land bases once they are delivered to the UK have been shelved in favour of getting Queen Elizabeth to sea with as large an air wing as possible. Previously, military planners were working on the assumption that just 12 jets would be carried aboard QE on her first operational deployment, with the rest left in the UK for the RAF to play with. Sponsored: Next gen cybersecurity. Visit The Register's security hub

Creaking Royal Navy is ‘first-rate’ thunders irate admiral

He's bound to say that.

Truth is, it'll get worse before it gets better Comment Admiral Sir Philip Jones, head of the Royal Navy, has written how "you'd be forgiven for thinking that the RN had packed up and gone home" in response to the kicking the naval service has received in the press recently. In an open letter published on the RN website, the admiral wrote: "Sadly the world is less certain and less safe.

But our sense of responsibility has not changed.

The Royal Navy may be smaller than in the past but has a strong future so this is no time to talk the Navy down." On 21 November the Defence Select Committee published a swingeing report into naval procurement, which concluded: "The MoD is embarking on a major modernisation of the Royal Navy surface fleet. Notwithstanding the Committee's concerns that the number of ships is at a dangerous and an historic low, it is a programme which has the potential to deliver a modern navy with a broad range of capabilities." Meanwhile, HMS Duncan, a Type 45 air-defence destroyer, had to be towed back into port after her unreliable Rolls-Royce WR-21 engines* broke down, as they tend to do on all Type 45s with worrying frequency – so much so that the RN has started a dedicated initiative, Project Napier, to add extra diesel generators to the Type 45 fleet.

This involves cutting large holes in the hull of each ship. Royal Fleet Auxiliary** tanker Wave Knight, currently deployed on Atlantic Patrol Tasking (North) in the Caribbean on anti-drugs patrol duties, broke down in St Vincent with Prince Harry aboard.

APT(N) used to be carried out by an actual warship rather than a refuelling tanker, but cuts to destroyer and frigate numbers left the Navy with no option. Last year a naval offshore patrol vessel, normally employed to stop and search fishermen's boats and their catches, was trialled on APT(N). A few weeks ago it was revealed that the RN will, from 2018, be left without any anti-ship missiles on its frigates and destroyers. Then there's the Type 26 frigate programme, which continues to stagnate as MoD officials lock horns with vastly more experienced BAE Systems negotiators over contracts.

The Type 26s are planned to partly replace the UK's current fleet of thirteen Type 23 anti-submarine frigates.

There will be fewer Type 26s than Type 23s, however, with the final five Type 23s set to be replaced with Type 31 "general purpose frigates", a cheap 'n' cheerful concept intended primarily for export.

The government, having initially pledged a like-for-like replacement of Type 23 with Type 26, later changed tack and cut the planned order of Type 26s, presumably because of the spiralling costs. A perfect storm for the naval service So what did the First Sea Lord have to say in defence of the RN? Type 45 destroyers are "hugely innovative" and "money is now in place to put this right".
Indeed, "if they weren't up to the job then the US and French navies would not entrust them with protection of their aircraft carriers in the Gulf." A strong point: for all their electrical flaws, the Type 45s are world-leading air-defence destroyers. The Harpoon anti-ship missile was cut partly because it "was reaching the end of its life" – though the admiral's attempt to claim that last month's Unmanned Warrior robot naval boat exercise featured anything capable of replacing a dedicated anti-ship capability was fanciful at best and downright disingenuous at worst.

That said, the admiral is duty bound, for better or for worse, not to embarrass his elected political masters. Admiral Jones also mentioned the Queen Elizabeth-class aircraft carriers and their F-35B fighter jet air wing, due to enter service in a few years.

As previously reported on El Reg, the F-35 will not be ready for true carrier deployment for another five years minimum and even when it is, we won't own enough of them to put to sea without borrowing half the fast air wing from the US Marines. Moreover, each carrier will need, at the very least, both a frigate and a destroyer as escorts; the frigate to detect submarines, the destroyer to maintain an anti-aircraft screen. Will we be able to spare these two ships from all the other standing tasks, let alone training and maintenance requirements? On the whole, the Royal Navy is in very poor shape.
It cannot meet all its standing patrol tasks (as detailed in the Defence Select Committee report) without resorting to small patrol vessels and mostly civilian tankers to do so.

The Fleet Air Arm will not be a credible force capable of deploying overseas at even minimal strength (12 F-35Bs) until the middle of the next decade.

The frigate force is capable but ageing and due for retirement soon.

The destroyer fleet will be plagued by engine problems for another five years. On the other hand, the carriers will enter service.

F-35B will enter service.

Type 26 will start entering service from the mid-2020s.

The RFA will receive its new Tide-class replenishment ships to support the carriers.

Three new offshore patrol vessels are under construction and will be delivered in the next few years. New nuclear deterrent submarines are now under construction and will enter service in the coming years.
In terms of fighting strength, ability to put to sea and ensure freedom of navigation and lawful commerce, the Navy will improve. The tough part is that we will not hit rock bottom and start climbing out of this well of impotence for at least the next three years. What those three years bring – Brexit, more Russian sabre-rattling, possibly even a new Middle East flashpoint – could stretch the RN to breaking point or even beyond. While the First Sea Lord has publicly defended his service, ultimately it is the politicians of all flavours who starved the Navy of the funding for new ships and equipment that it desperately needed ten years ago, leading to today's situation where so many demoralised personnel have left that ship deployments were lengthened from six to nine months. The next time the Defence Secretary pops up to recycle tired old announcements that amount to nothing new, remember that. ® Bootnotes *The two gas turbines themselves are OK – it is the intercooler-recuperator assembly which lets them down.

Briefly, the intercooler-recuperator recovers heat from the turbines' exhausts and uses it to pre-heat the fuel/air mixture being fed into the engine.

This reduces wasted heat while increasing fuel efficiency and electrical output.

Due to a design flaw, the intercooler-recuperator tends to drop out without warning when operating in warmer waters (reportedly as low as 30C).

The sudden spike in electrical demand overwhelms the ship's two auxiliary Wärtsilä diesel generators and causes the entire electrical system, propulsion, weapons and all, to trip out, leaving the destroyer dead in the water as frantic marine engineers rush to reset it all. **The Royal Fleet Auxiliary is a uniformed but civilian branch of the naval service. Officially classed as civil servants sailing civilian-registered British ships, their personnel man the tankers, replenishment ships and general duties vessels, which increasingly find themselves used as actual warships, such as on the APT(N) deployment or as the mothership for the British minehunter contingent in the Persian Gulf. Sponsored: Customer Identity and Access Management

Double-dip Internet-of-Things botnet attack felt across the Internet

Our new IoT overlords have arrived.peyri reader comments 3 Share this story The distributed denial of service attacks against dynamic domain name service provider Dyn this morning have now resurged.

The attacks have caused outages at services across the Internet. But this second wave of attacks appears to be affecting even more providers.

According to Dan Drew, the chief security officer at Level 3 Communications, the attack is at least in part being mounted from a "botnet" of Internet-of-Things (IoT) devices. Drew explained the attack in a Periscope briefing this afternoon. "We're seeing attacks coming from a number of different locations," Drew said. "An Internet of Things botnet called Mirai that we identified is also involved in the attack." The botnet, made up of devices like home WiFI routers and internet protocol video cameras, is sending massive numbers of requests to Dyn's DNS service.

Those requests look legitimate, so it's difficult for Dyn's systems to screen them out from normal domain name lookup requests. Earlier this month, the code for the Marai botnet was released publicly.
It may have been used in the massive DDoS attack against security reporter Brian Krebs. Marai and another IoT botnet called Bashlight exploit a common vulnerability in BusyBox, a pared-down version of the Linux operating system used in embedded devices. Marai and Bashlight have recently been responsible for attacks of massive scale, including the attack on Krebs, which at one point reached a traffic volume of 620 gigabits per second. Matthew Prince, co-founder and CEO of the content delivery and DDoS protection service provider CloudFlare, said that the attack being used against Dyn is an increasingly common one.

The attacks append random strings of text to the front of domain names, making them appear like new, legitimate requests for the addresses of systems with a domain.

Caching the results to speed up responses is impossible. Prince told Ars: They're tough attacks to stop because they often get channeled through recursive providers.

They're not cacheable because of the random prefix. We started seeing random prefix attacks like these three years ago, and they remain a very common attack.
If IoT devices are being used, that would explain the size and scale [and how the attack] would affect: someone the size of Dyn. Both Level 3 and CloudFlare have not directly been affected by the attack.

But many of their customers have, because of a reliance on Dyn's managed domain name services. The outages began this morning when Dyn reported a distributed denial of service affecting their US East Coast infrastructure. While the first attack was apparently shrugged off by mid-morning, another wave hit about mid-day Eastern Time, again affecting sites and services that use Dyn as the provider of their authoritative Domain Name Service addresses.

This rendered parts of Twitter's network, as well as hundreds of other sites—including Github, Box, The Verge, Playstation Network, and personal web page provider Wix–that rely on Dyn's service to dynamically reassign domain names to internet addresses for traffic management purposes. Prince added that Cloudflare was seeing a sizable increase in errors in traffic for its customers because the attack was affecting infrastructure providers like GitHub. "If a customer's site is pointing to a git there, now we cant reach Github," he said. "There are definitely infrastructure providers that we can't reach." The attack itself is likely pointed at a Dyn customer rather than at Dyn itself.
Some indications point to the attack focusing on Sony's Playstation domains, though Dyn has not confirmed this. Ars will update this story as new information becomes available.

CloudFlare shows Tor users the way out of CAPTCHA hell

Bling signature scheme might just improve privacy, too CloudFlare has backed up its promise to get rid of the CAPTCHAs that Tor users complain discriminate against them. The content distribution network's (CDN's) hated CAPTCHAs make browsing an unhappy experience for Tor users by offering rather too many challenges. Worse yet, they drop a cookie on validated users' browsers and thereby create a re-identification risk. Surfers using Tor have complained for some time that CDNs like CloudFlare discriminate against them. CloudFlare assigns a reputation to a user's IP address, which means that an innocent Tor user unfairly inherits the reputation of an exit node that might also be serving spam or malware. Back in February, CEO Matthew Prince told The Register the company was working on ways to get rid of the CAPTCHA. At the time, a couple of CloudFlare engineers had already dropped the first draft-of-the-draft at GitHub. CloudFlare's architecture The pre-Internet Draft draft is here. At the moment, CAPTCHAs are presented to the user by JavaScript supplied by the CDN – and that can't be reliably audited, because the code can change at any time. Putting the challenge in a plugin makes it audit-able, CloudFlare notes. Next is the problem of the cookie, which the document highlights as a risk: “the challenge page sets a unique cookie to indicate that the user has been verified. Since Cloudflare controls the domains for all of the protected origins, it can potentially link CAPTCHA users across all >2 million Cloudflare sites without violating same-origin policy.” Instead of the cookie, the plugin would use a blind signature scheme. Here's how CloudFlare thinks it could work: “The protocol allows a user to solve a single CAPTCHA and in return learn a specified number of tokens that are blindly signed that can be used for redemption instead of witnessing CAPTCHA challenges in the future. For each request a client makes to a Cloudflare host that would otherwise demand a CAPTCHA solution, a browser plugin will automatically supply a bypass token. “By issuing a number of tokens per CAPTCHA solution that is suitable for ordinary browsing but too low for attacks, we maintain similar protective guarantees to those of Cloudflare's current system.” The blind signature scheme is described at Wikipedia. In CloudFlare's implementation, the tokens carrying the signatures will be JSON objects in the plugin: “tokens will be a JSON object comprising a single 'nonce' field. The 'nonce' field will be made up of 30 cryptographically random bytes”. The plugin will also contain a CA-issued certificate to validate keys, and certificates will be checked against certificate transparency logs. ®

BEC Campaign Tricks Company Into Wiring $400K to Hackers

Researchers gained significant insight into a Nigerian business email compromise (BEC) operation that likely costs companies $6 million annually, including one incident where a firm was tricked into sending $400,000 to the group's bank accounts. Nigerian cyber-criminals hacked into the email of an Indian chemical company, hijacking a deal between the company and its U.S. customer and stealing the entire $400,000 payment, according to researchers with security firm SecureWorks.Details of the attack—of a type known as business email compromise (BEC)—is part of the intelligence gleaned by researchers from a misconfigured server used by the group.

The fraud scheme is known as "wire-wire" in West African nations and involves compromising the email accounts of potential victims, waiting for a high-value order or transaction, and then sending new bank account details to the customer.If done right, the scheme can be very lucrative—scoring between $30,000 and $60,000 on average—and hard to detect, Joe Stewart, director of malware research at SecureWorks, told eWEEK.

The collected evidence shows that West African groups are quickly evolving from 411 and Nigerian prince scams to more sophisticated social engineering, he said."What we learned from watching these actors over a period of months is that they worked in a way substantially different from our preconceived notions of Nigerian threat actors," he said. "Week to week, given the average [we're seeing], they are probably taking in $6 million a year." SecureWorks named the group that stole the $400,000 Wire-Wire Group 1 (WWG1) and suspects that it has more than 30 members. Most members of the group live in the same region of Nigeria, the company stated in its report. The details of the West African group come the same week that international law enforcement announced the arrest of the Nigerian head of a group conducting similar scams.

That unnamed group, which may have stolen as much as $60 million, used both business email compromise and romance scams to bilk victims of money.
In one case, a target paid $15.4 million before the scam ended.Law enforcement officials did not name the group or its leader, but referred to him as "Mike." The group's members come from Malaysia, South Africa and Nigeria.To avoid being tracked, the group laundered its gains through contacts in China, Europe and the U.S., according to authorities.

The groups pay a significant amount of money to such criminal services.
In the case of Wire-Wire Group 1, for example, about half of the stolen funds end up in the hands of the criminal group that launders the money, according to SecureWorks.The groups are not only evolving their techniques, but have evolved themselves: They are, for example, more likely to consist of mature adults, rather than younger actors, according to SecureWorks investigation into WWG1. While 411 scammers tend to be students and 20-something adults, who show off their cash and work from cyber-cafes, members of WWG1 are in their late 20s, 30s and 40s, operate from their home Internet connection and are involved in mainstream church groups. Messages between members of WWG1 show that they work to help out other members of their community by introducing them to the money-making scheme, according to SecureWorks.The security firm dubbed the leader of the group they are investigating as "Mr. X" and stressed that the group is unrelated to the one shut down by law enforcement this week.Business email compromise has grown to be a significant threat to companies, especially small and medium businesses that do not have good accounting controls.
In April, the FBI warned that, since October 2013, more than 17,600 victims have reported the scam, with business losses totally $2.3 billion.The attacks are accelerating as well.
Since the beginning of 2015, the FBI has noted a 270 percent increase in victims and losses.The FBI warned companies to beware of account information or changes that are only sent through email.

Any changes should be verified over the phone by calling known contacts at the partner's business.
In addition, companies should implement multiple levels of authentication as part of their accounting practices.

CREST Singapore Chapter Established to Introduce Penetration Testing Certifications and Accreditations...

CREST examination facility officially opened at the Singapore Institute of Technology28 July 2016: In partnership with the Cyber Security Agency of Singapore (CSA) and the Association of Information Security Professionals (AISP), CREST has established a Singapore Chapter to introduce its penetration testing certifications and accreditations to Singapore.

This initiative was developed in collaboration with the Monetary Authority of Singapore (MAS), the Association of Banks in Singapore (ABS) and the Infocomm Development Authority of Singapore (IDA).

The CREST Singapore Chapter is the first CREST Chapter in Asia. Marking this milestone is the official opening of the CREST Examination Facility at the Singapore Institute of Technology (SIT) today.

The facility was opened by Mr David Koh, Chief Executive, CSA. CREST professional certifications and service provider accreditations will provide buyers of penetration testing services in Singapore with the confidence that the work is being carried out by qualified individuals with up to date knowledge, skills and competence, supported by a professional services company with appropriate policies, processes and procedures.

Following the introduction of CREST penetration testing certifications and accreditations in Singapore, there are plans to introduce more CREST certifications and accreditations in areas including Incident Response, Malware Analysis and wider Information Security Architecture. Professionals, who are Singapore Citizens and would like to pursue CREST certifications, can apply for Government subsidies to cover a proportion of the costs.
Small service providers can apply for Government funding to cover a proportion of the costs to be CREST member companies. Mr David Koh, Chief Executive of CSA, said, “CSA’s focus is to make Singapore’s cyberspace safe for businesses, individuals and the society at large.

To do this, we need strong partnerships with multiple stakeholders across the cybersecurity ecosystem.

This partnership between CSA, CREST and AISP will raise the professionalism of our penetration testers and help to enhance the security of Singapore’s cyberspace. Penetration testing is important to assess our level of cyber security and is an essential service for both large enterprises and SMEs, given the increasing frequency and sophistication of cyber threats.

By raising the competency standards of our cyber security professionals, like penetration testers, we will make Singapore’s cyberspace more secure for everyone.” “CREST is delighted to make its penetration testing certifications available through the Chapter in Singapore” said Ian Glover President of CREST International. “CREST certifications have already become the de facto standard in the UK and Australia and through the provision of CREST-accredited companies and CREST-certified professionals, we are now able to deliver increased levels of confidence to the buying community in Singapore.

CREST works hard to professionalise the cyber security testing sector internationally and the local chapter in Singapore will make it possible to achieve consistently high standards across the region.” “To strengthen the cybersecurity ecosystem in Singapore, it is essential for the public, private and education sectors to work closely together.

Thus, AISP is delighted to be able to collaborate with CSA, CREST, and SIT to establish the first CREST-accredited examination facility in Asia.” said Associate Professor Steven Wong, President of AISP. “Through the practical examinations carried out in this facility, professionals are now able to validate not just their cybersecurity knowledge, but also their hands-on cybersecurity skills, against a well-recognised global industry benchmark such as the certifications offered by CREST.” “The demand from both public and private sectors for more Information Security professionals to monitor and protect organisations from cyber threats has never been greater. Most organisations today are heavily dependent on Information and Communications Technology to support their daily operations.

From a cybersecurity standpoint, today’s big data and the internet connectivity of things translate into higher risks of sensitive information being open to attacks, where it is absolutely essential that these key information systems are adequately protected.
I am confident that SIT’s collaborative efforts with CREST, CSA and AISP will provide the spark for a paradigm shift in innovative ways of keeping Singapore’s cybersecurity ecosystem safe and sound,” said Professor Loh Han Tong, Deputy President (Academic) & Provost, Singapore Institute of Technology. “High quality, credible cyber security training is already a huge issue for many firms worldwide given the risks we are all facing,” said Conrad Prince, the UK Government’s Cyber Security Ambassador. “I am delighted that CREST, with its tremendous amount of experience and recognition in the industry for the work it does professionalising the UK cyber security industry, is partnering with Cyber Security Agency of Singapore and the Association of Information Security Professionals to do the same for cyber security professionals in Singapore and the wider region.” - End - About the Association of Information Security ProfessionalsThe Association of Information Security Professionals (AISP) is a Government and Industry collaboration which aims to transform Infocomm Security into a distinguished profession and build a critical pool of competent Infocomm security professionals who subscribe to the highest professional standards.

The AISP was registered with the assistance of the Singapore Computer Society (SCS) and the strong support of the Infocomm Development Authority of Singapore (IDA) in February 2008.
It was officially launched on 17 April 2008 by Dr Vivian Balakrishnan, the then Minister for Community Development, Youth and Sports. About CRESTCREST is the not-for-profit accreditation body representing the technical information security industry.

CREST provides internationally recognised accreditation for organisations and individuals providing penetration testing, cyber incident response and threat intelligence services.

All CREST Member Companies undergo regular and stringent assessment; while CREST qualified individuals have to pass rigorous examinations to demonstrate knowledge, skill and competence.

CREST is governed by an elected Executive of experienced security professionals who also promote and develop awareness, ethics and standards within the cyber security market. About the Cyber Security Agency of SingaporeThe Cyber Security Agency of Singapore (CSA) provides dedicated and centralised oversight of national cyber security functions, and works with sector leads to protect Singapore’s critical services.
It also engages with various industries, and stakeholders to heighten cyber security awareness as well as to ensure the holistic development of Singapore’s cyber security landscape.

The Agency reports to the Prime Minister’s Office and is managed by the Ministry of Communications and Information.
Information on CSA is available at www.csa.gov.sg. About the Singapore Institute of TechnologyThe Singapore Institute of Technology (SIT) is Singapore’s new autonomous university of applied learning.
It aims to be a leader in innovative university education by integrating learning, industry and community.
SIT offers applied degree programmes targeted at growth sectors of the economy.

As a new university, SIT offers its own applied degree programmes with a unique pedagogy that integrates work and study.
It also offers specialised degree programmes in partnership with world-class universities.
SIT also aims to cultivate in its students four distinctive traits, or the SIT-DNA, which will prepare them to be ‘thinking tinkerers’, who are ‘able to learn, unlearn and relearn’, be ‘catalysts for transformation’ and finally, become ‘grounded in the community’. For media queries, please contact: CRESTAllie Andrews, PRPRAccount DirectorMob: +44 7940452710Office: +44 1442 245030Email: allie@prpr.co.uk AISPRudy TjahjadiSecretariatOffice: +65 6247 9552Email: secretariat@aisp.sg CSAConnie LeeSenior Assistant Director, Communications and Engagement OfficeOffice: +65 6323 5010Email: connie_lee@csa.gov.sg Sybil ChiewAssistant Director, Communications and Engagement OfficeOffice: +65 6323 5273Email: sybil_chiew@csa.gov.sg SITJason ChiewSenior Manager, Corporate CommunicationsOffice: +65 6592 8949Email: jason.chiew@SingaporeTech.edu.sg

CloudFlare probes mystery interception of site traffic across India

Traffic to Pirate Bay and others redirected to AirTel banned URL notice An unknown agency in India, possibly telco Airtel, is quietly capitalising on encryption gaps in sites tended by DDOS-buster CloudFlare to intercept and redirect users. Little is yet known about the attacks, so far detected targeting piracy torrent site The Pirate Bay and a handful of other outfits. CloudFlare engineers have, at the time of writing, emerged from an emergency meeting to investigate the now verified claims that traffic to their customer sites is being intercepted. Visitors to intercepted websites are redirected to an AirTel page which reads that the "requested URL has been blocked as per the directions received from Department of Telecommunications, Government of India". The redirect page does not necessarily confirm that the interception is the handiwork of AirTel. India has blocked sites for nearly two decades without formal policy, but it is the first time it has so directly capitalised on absent security measures to deny access to a URL. Some of CloudFlare's sites include those run by political dissidents, hacking forums, and piracy sites.
Such sites are often in the crosshairs of governments. India-based developer Abhay Rana (@captn3m0) and security researcher Shantanu Goel (@shantanugoel) discovered Pirate Bay traffic interception which they suspected may be thanks to cooperation between CloudFlare and the Indian Government, or due to security flaws on behalf of the anti-distributed denial of service attack provider. CloudFlare founder Matthew Prince told The Register that the company concluded a meeting less than an hour ago and says there are no security flaws on its side, but that the company was blind-sided by the interception. The redirection landing page. Prince says the attacks occurred at CloudFlare's Chennai and New Delhi data centres but not at its Mumbai point of presence. "It appears to only affect traffic that is being passed over an unencrypted link," Prince says. "Whatever the system is that is looking for the requests might not be installed in Mumbai, we don't know, but it appears to be triggered off the host header in requests. "It suggests there is some system that is running either at the edge of India's network or within AirTel that is at least conducting infection of host headers in requests." Prince says the company is examining "all traffic" to locate other affected customer sites, but did not name impacted clients. The company offers free and paid distributed denial of service attack mitigation and uptime and anonymity services to a host of web properties. The Indian Government may have reason to target CloudFlare customers. The tech company has since 2014 offered its paid enterprise distributed denial-of-service mitigation services to established political blogs, news sites, and other public interest organisations for free under Project Galileo. AirTel representatives contacted by CloudFlare were not aware of the interception but are investigating the matter. The Register has contacted the company for comment. Prince says interception is seemingly possible only for sites that do not use encryption on origin servers. CloudFlare in May asked customers to install its free certificate to help admins accomplish the task. Writer Karthik Balakrishnan has further analysis of the attacks which CloudFlare has largely vetted as accurate, sans its claimed intentional involvement or security flaws. We'll update this story as and when more detail emerges. ® Sponsored: 2016 Cyberthreat defense report