ironcove.net

Georgian Cyber Attacks from Russia?

Administrator — Thu, 21 Aug 2008 23:25:01 +0000

More speculation about government sponsored cyber attacks. This time its in the Russia vs Georgia sphere.

Here is a copy of a post to the Shadowserver mailing list:

We wanted to give everyone an update on what we have been seeing in terms of
DDoS attacks against Georgian websites. The last DDoS-related blog we had
in July involved the website for the President of Georgia. In the last few
days we have seen a resurgence in attacks against both the President of
Georgia’s website and other Georgian targets - both government and
non-government. If you are interested you may read more at the following
URL:

http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20080811

Interesting articles on Surveillance and the Olympics

Administrator — Thu, 21 Aug 2008 23:16:53 +0000

Just a quick one with a couple of interesting links:

The surveillance system allegely sold to China for monitoring the olympics

http://www.quintessenz.at/doqs/000100004315/2007_02_01,siemens_intelligence_platform.pdf
http://www.quintessenz.at/doqs/000100004353/2008_05_11_olympic_surveillance.pdf

And surveillance made easy -
http://technology.newscientist.com/channel/tech/mg19926705.900-surveillance-made-easy.html

Opera 9.5 puts up a fight against malware

Administrator — Sat, 14 Jun 2008 08:29:01 +0000

While we here at Ironcove.net are big fans of Linux on the desktop, we are also aware that it can be a scary proposition for those who have used Microsoft products for years. Running an alternative browser on your Windows platform is often a first step towards greater security against malware and getting away from the control that Microsoft exerts through its dominance. Opera have an alternative browser to Firefox and Internet Explorer, and the latest version has some great anti-malware features that could be an excellent defense against malware based attacks.

A good review of the new version of Opera 9.5 is over at Linuxdesktop.org

The centerpiece of version 9.5 is a security package based on technology from Haute Secure, Netcraft, and PhishTank, that the Norway-based Opera Software calls “Opera Fraud Protection.” The anti-malware feature from Haute Secure automatically blocks offending Web pages to protect against malware and other security threats. The browser queries Opera’s servers when a user requests a new webpage and then checks it against the HauteSecure list of blacklisted pages in the same domain. Meanwhile, verson 9.5 continues to update anti-phishing features from PhishTank, which were introduced in Opera 9.1 back in December 2006.

When Dragons Attack - Tibetan Hacking Review Paper

Administrator — Thu, 24 Apr 2008 23:55:05 +0000

Over the past two months there has been a significant increase in targeted malware and other attacks against the Tibetan Community and its supporters. Ironcove.net has put together a paper that covers the various attacks and looks into the possibility and extent of Chinese Government involvement in those attacks. We have also highlighted the fact that many of these attacks would be ineffective against an Ubuntu Desktop operating system.

It is the recommendation of ironcove.net that human rights groups around the world should start to seriously look at the benefits of running a free and open operating system such as Ubuntu Linux. Today a new release of Ubuntu has been launched, it is a great time to sample the power of Open Source.

When Dragons Attack (PDF)

HackerTarget.com offering Free Nessus Scanning to Non-profits

Administrator — Thu, 24 Apr 2008 22:50:57 +0000

Our friends over at HackerTarget.com have recently started offering free Nessus Vulnerability Scanning to non-profit organisations. Nessus is the worlds leading vulnerability scanning solution. It is a tool that scans an IP address for vulnerabilities so that they can then be acted upon and fixed. In some ways it is a simulated hacker attack against your server - so that when you do get scanned by hackers, your security holes have already been fixed. If you run any internet connected server it is a good idea to test it for security problems on a regular basis.

Free Vulnerability Scanning for Nonprofits

Further Cyber Attacks on the Tibetan Community

Administrator — Wed, 16 Apr 2008 13:57:55 +0000

The Register has a summary of more targeted malware attacks against the Tibetan Community and Supporters. The attack involves an email that when the flash movie is viewed it will install a keylogger on the computer. The keylogger will then record all keystrokes on the computer and send the details to a server in China.

Now I am not going to point fingers and I would like to do some more research into these attacks and the possible origins. Remember just because it appears the attacks are coming from China nothing is certain, as this could as easily be a bored teenager in the USA who compromised a server in China or it could be something more sinister.

It does highlight however the importance of secure internet and computing facilities in any organization or movement.

Read the article here for a summary and there is a good technical blog with more details here.

Executing the file, called RaceForTibet.exe, shows a cartoon with a very skilled Chinese gymnast performing some amazingly convoluted exercise on a “vaulting Bbox” for which the jury immediately scored her a shocking 0! Whilst the gymnast’s performance is “re-wound,” a number of fairly stark photographs of real events, taking place throughout China and Tibet, are shown as a flashback.

http://www.theregister.co.uk/2008/04/15/pro_tibet_trojan/
http://www.avertlabs.com/research/blog/index.php/2008/04/14/is-malware-writing-the-next-olympic-event
http://www.avertlabs.com/research/blog/index.php/2008/03/11/social-engineering-tricks-use-tibet-to-lure-victims/
http://www.avertlabs.com/research/blog/index.php/2008/04/10/friebet-attacking-your-backend-database-from-your-backyard/

China cracks down on insider cyber hacking

Administrator — Mon, 07 Apr 2008 06:12:53 +0000

China is still in the news with Cyber Attacks making headlines. Political hacking by government and non-government organisations seems to becoming a hot topic.

Politically motivated external attacks have been rife in the past few weeks.

Members of the Save Darfur coalition told the Washington Post last week that their server had been attacked by hackers traced to computers in China.

And several pro-Tibet groups reported receiving email viruses although IP addresses have yet to be traced.

Last summer also saw allegations of cyber espionage attacks on Whitehall departments, as well as a warning to UK businesses from MI5 that Chinese hackers were looking to infiltrate their networks.

China cracks down on insider cyber hacking

Cyber attacks on Tibetan Community and NGO’s

Administrator — Wed, 26 Mar 2008 09:18:49 +0000

Over the past few days there have been a number of reports in the mainstream media about targetted Information Warfare attacks against the Tibetan NGO community. These attacks are attempts by a third party (I wonder who that could be) to send malicious emails to various members of these communites. If these attacks succeed then the victim’s computer could end up with Keyloggers and other trojans that would allow the third party access to everything typed on the infected system and full control of the PC.

The Sans Internet Storm Centre has a good technical summary and another here, while other news agencies such as the Washington Post and the Register have more general information.

I urge all NGO’s to be aware of the dangers of having an insecure computer and policies.

Things you can do stay secure:

* Always update your software (Update Operating Systems and Applications), everything from Ubuntu updates, Windowsupdate to Adobe Reader updates and flash player updates. All your software needs to stay updated. Now if this means buying new licenses please consider the alternatives.
* Beware of opening attachments - are you expecting it if not use caution. Even if they appear to come from someone you know.
* Use strong passwords on all your systems and websites and try not to use the same password everywhere!
* Use virus scanning software and keep it updated (especially important if you use the Microsoft Windows Operating System

Sans Internet Storm Centre - Article 1
Sans Internet Storm Centre - Article 2

OLPC on the ground in Peru - Astounded in Arahuay

Administrator — Sun, 23 Mar 2008 00:07:12 +0000

Peru are implementing One Laptop Per Child program that will distribute laptops to 260′000 school children. A pilot project involved 50 laptops being sent to a remote village. Read the article for a fascinating and surprising look into the results.

I wanted to know what the laptops had done for the kids. I told them I’m not a reporter, I don’t answer to the Ministry, and — an important disclaimer for an overpoliticized country like Peru — I don’t pander to bullshit politics. I wanted to hear if they thought the laptops were helping.

After looking at me blankly for a good half-minute, Mr. Navarro shot back with “evidentemente”, “obviously”, and palpably left off “you idiot” from the end of the sentence. I appreciated the small courtesy and asked a more specific question: what changed in the 8 months since the laptops arrived?

Astound in Arahuay

Cuban Internet Access is limited, so alternatives are used

Administrator — Sat, 08 Mar 2008 00:44:25 +0000

Due to restrictions with access to the internet in Cuba based around cost and control, the younger generation are passing around memory sticks containing the media they crave. An interesting article from the NYTimes.

HAVANA — A growing underground network of young people armed with computer memory sticks, digital cameras and clandestine Internet hookups has been mounting some challenges to the Cuban government in recent months, spreading news that the official state media try to suppress.

Last month, students at a prestigious computer science university videotaped an ugly confrontation they had with Ricardo Alarcón, the president of the National Assembly.

Mr. Alarcón seemed flummoxed when students grilled him on why they could not travel abroad, stay at hotels, earn better wages or use search engines like Google. The video spread like wildfire through Havana, passed from person to person, and seriously damaged Mr. Alarcón’s reputation in some circles.

Cyber-Rebels in Cuba Defy State’s Limits