The Register has a summary of more targeted malware attacks against the Tibetan community and its supporters. The attack arrives by email: when the Flash movie is viewed, a keylogger is installed on the computer. The keylogger then records all keystrokes on the computer and sends the details to a server in China.
Now, I am not going to point fingers, and I would like to do some more research into these attacks and their possible origins. Remember, just because it appears the attacks are coming from China, nothing is certain: this could as easily be a bored teenager in the USA who compromised a server in China, or it could be something more sinister.
It does highlight, however, the importance of secure internet and computing facilities in any organization or movement.
Read the article here for a summary and there is a good technical blog with more details here.
Executing the file, called RaceForTibet.exe, shows a cartoon with a very skilled Chinese gymnast performing some amazingly convoluted exercise on a “vaulting box” for which the jury immediately scored her a shocking 0! Whilst the gymnast’s performance is “re-wound,” a number of fairly stark photographs of real events, taking place throughout China and Tibet, are shown as a flashback.
http://www.theregister.co.uk/2008/04/15/pro_tibet_trojan/
http://www.avertlabs.com/research/blog/index.php/2008/04/14/is-malware-writing-the-next-olympic-event
http://www.avertlabs.com/research/blog/index.php/2008/03/11/social-engineering-tricks-use-tibet-to-lure-victims/
http://www.avertlabs.com/research/blog/index.php/2008/04/10/friebet-attacking-your-backend-database-from-your-backyard/
China is still in the news, with cyber attacks making headlines. Political hacking by government and non-government organisations seems to be becoming a hot topic.
Politically motivated external attacks have been rife in the past few weeks.
Members of the Save Darfur coalition told the Washington Post last week that their server had been attacked by hackers traced to computers in China.
And several pro-Tibet groups reported receiving email viruses although IP addresses have yet to be traced.
Last summer also saw allegations of cyber espionage attacks on Whitehall departments, as well as a warning to UK businesses from MI5 that Chinese hackers were looking to infiltrate their networks.
China cracks down on insider cyber hacking
Over the past few days there have been a number of reports in the mainstream media about targeted Information Warfare attacks against the Tibetan NGO community. These attacks are attempts by a third party (I wonder who that could be) to send malicious emails to various members of these communities. If these attacks succeed, the victim’s computer could end up with keyloggers and other trojans that would allow the third party access to everything typed on the infected system and full control of the PC.
The SANS Internet Storm Centre has a good technical summary and another here, while other news agencies such as the Washington Post and the Register have more general information.
I urge all NGOs to be aware of the dangers of having insecure computers and policies.
Things you can do to stay secure:
* Always update your software (operating systems and applications): everything from Ubuntu updates and Windows Update to Adobe Reader and Flash Player updates. All your software needs to stay updated. If this means buying new licenses, please consider the alternatives.
* Beware of opening attachments. Are you expecting it? If not, use caution, even if it appears to come from someone you know.
* Use strong passwords on all your systems and websites, and try not to use the same password everywhere!
* Use virus scanning software and keep it updated (especially important if you use the Microsoft Windows operating system).
SANS Internet Storm Centre – Article 1
SANS Internet Storm Centre – Article 2
Peru is implementing a One Laptop Per Child program that will distribute laptops to 260,000 school children. A pilot project involved 50 laptops being sent to a remote village. Read the article for a fascinating and surprising look into the results.
I wanted to know what the laptops had done for the kids. I told them I’m not a reporter, I don’t answer to the Ministry, and — an important disclaimer for an overpoliticized country like Peru — I don’t pander to bullshit politics. I wanted to hear if they thought the laptops were helping.
After looking at me blankly for a good half-minute, Mr. Navarro shot back with “evidentemente”, “obviously”, and palpably left off “you idiot” from the end of the sentence. I appreciated the small courtesy and asked a more specific question: what changed in the 8 months since the laptops arrived?
Astound in Arahuay
Due to restrictions with access to the internet in Cuba based around cost and control, the younger generation are passing around memory sticks containing the media they crave. An interesting article from the NYTimes.
HAVANA — A growing underground network of young people armed with computer memory sticks, digital cameras and clandestine Internet hookups has been mounting some challenges to the Cuban government in recent months, spreading news that the official state media try to suppress.
Last month, students at a prestigious computer science university videotaped an ugly confrontation they had with Ricardo Alarcón, the president of the National Assembly.
Mr. Alarcón seemed flummoxed when students grilled him on why they could not travel abroad, stay at hotels, earn better wages or use search engines like Google. The video spread like wildfire through Havana, passed from person to person, and seriously damaged Mr. Alarcón’s reputation in some circles.
Cyber-Rebels in Cuba Defy State’s Limits
While not strictly computer security awareness, I couldn’t go past mentioning these excellent Bicycle Africa projects. I am unsure of the licensing on some of these, like the Bamboo Bicycle; let’s hope it’s Creative Commons or open source.
A number of excellent projects are worth a look at in Africa. These projects aim to provide low cost bicycles for transport of people and cargo.
Bamboo Bicycle
Project Rwanda.org
Kona Bike Town
The excellent TrueCrypt open source encryption utility has just been released in version 5.0. The new version allows, among other things, full disk encryption, so that you must enter a secure password at boot to access the fully encrypted partition. This adds an excellent layer of security to all systems, but particularly laptops. When governments and corporations seem to lose so many laptops that contain lots of personal and confidential information, it seems like this would be the ideal solution.
TrueCrypt
An excellent resource and video of the Blogging freedom advocacy campaign that is being undertaken by GlobalVoicesOnline.
During the last six months, since the launch of Global Voices Advocacy, we have been trying to cover the increasingly serious threats to online speech occurring around the globe and the efforts to combat them. We’ve documented the arrest and detention of scores of bloggers and online authors and highlighted several anti-censorship campaigns, reports of Internet censorship, blocked blogs and websites. Our coverage so far has included stories on 25 nations, as well as exclusive interviews with activists and bloggers focused on free speech issues, in addition to an in-depth survey of online censorship cases that rarely receive media attention.
Global Voices Advocacy Update .
A quick guide to sending SMTP email with Google. This is a handy little trick. You can even use a non gmail.com account.
The GMail SMTP server. Luckily, I could set up my Evolution Client on my Linux box within no time, to use and send mail via the GMail SMTP server.
Using TLS means your emails are encrypted on their way to Google too. After they leave Google they travel as ordinary email, in clear text, but that is the nature of email. It does mean that anyone sniffing your traffic on an unencrypted or WEP-encrypted access point will see nothing but gibberish.
Using Gmail SMTP to send email – a quick guide .
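The TLS point above only holds if the mail client refuses to fall back to plaintext. The following Python sketch is an added example, not code from the linked guide: it sends through Gmail's SMTP server and gives up rather than log in when the session cannot be encrypted. The function names are illustrative assumptions; `smtp.gmail.com` on port 587 is Gmail's submission endpoint.

```python
import smtplib
import ssl
from email.message import EmailMessage

GMAIL_HOST = "smtp.gmail.com"  # Gmail's SMTP submission host
GMAIL_PORT = 587               # submission port; TLS is negotiated via STARTTLS


class TLSRequired(Exception):
    """Raised when the session cannot be encrypted before login."""


def build_message(sender, recipient, subject, body):
    """Build a plain-text message (illustrative helper)."""
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = recipient
    msg["Subject"] = subject
    msg.set_content(body)
    return msg


def send_over_tls(smtp, user, password, msg, context=None):
    """Send msg through a connected smtplib.SMTP-like object.

    The password and message are only sent after STARTTLS has succeeded,
    so a sniffer on an open or WEP access point never sees them.
    """
    # The default context verifies the server certificate and hostname.
    context = context or ssl.create_default_context()
    smtp.ehlo()
    # A "TLS if available" client would continue in clear text here.
    # smtplib's starttls() also raises in this case; the explicit check
    # makes the policy visible.
    if not smtp.has_extn("starttls"):
        raise TLSRequired("server did not advertise STARTTLS; not logging in")
    smtp.starttls(context=context)
    smtp.ehlo()  # re-read server capabilities over the encrypted channel
    smtp.login(user, password)
    smtp.send_message(msg)


def send_via_gmail(user, password, msg):
    """Connect to Gmail and send msg; needs network access and valid credentials."""
    with smtplib.SMTP(GMAIL_HOST, GMAIL_PORT, timeout=30) as smtp:
        send_over_tls(smtp, user, password, msg)
```

As the post says, this protects only the hop between your machine and Google; onward delivery is outside the client's control.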
To kick off I must say I love this quote from New Internationalist.
When you turn on your computer, you’re making a political statement. If, like most people, your computer boots Microsoft Windows, the statement you’re making is that transnational corporations should control access to the most powerful public media that ever existed.
New Internationalist Magazine Nov. 2006
The Free Software Foundation has gotten together with some large environmental groups, aiming to promote free software and reduce the amount of waste that is going to be generated by people upgrading to Vista.
There are literally millions of computers that are going to be thrown out so that people can run the new version of Windows, Microsoft Vista.
I signed on to the letter and so should you. While I am careful about recommending throwing away Windows without planning and an understanding of what you are doing, for the majority of computer users throughout the world an Open Source desktop solution is a viable alternative.
Ubuntu Linux goes from strength to strength. If users want desktop candy like the new Vista (which is about all I can that has been added to the operating system) then you can even get that using open source solutions. So there is no excuse.
Explore the alternatives! And while you are at it. Sign the letter.
Read the letter