Mon-Oct 05, 2009
Washington / Associated Press

When swine flu broke out, the government revved up a massive information campaign centered on three words: Wash your hands.

The Obama administration now wants to convey similarly clear and concise guidance about one of the biggest national security threats in your home and office – the computer.

Think before you click. Know who’s on the other side of that instant message. What you say or do in cyberspace stays in cyberspace – for many to see, steal and use against you or your government.

The Internet, said former national intelligence director Michael McConnell, “is the soft underbelly” of the US today. Speaking at a new cybersecurity exhibit at the International Spy Museum in Washington, McConnell said the Internet has “introduced a level of vulnerability that is unprecedented.”

The Pentagon’s computer systems are probed 360 million times a day, and one prominent power company has acknowledged that its networks see up to 70,000 scans a day, according to cybersecurity expert James Lewis.

For the most part, those probes of government and critical infrastructure networks are benign. Many, said McConnell, are a nuisance and some are crimes. But the most dangerous are probes aimed at espionage or tampering with or destroying data.

The attackers could be terrorists aiming at the US culture and economy, or nation-states looking to insert malicious computer code into the electrical grid that could be activated weeks or years from now.

“We are the fat kid in the race,” said Lewis. “We are the biggest target, we have the most to steal, and everybody wants to get us.”

And if, for example, the US gets into a conflict with China over Taiwan, “expect the lights to go out,” he said. The exhibit at the Spy Museum – “Weapons of Mass Disruption” – tries to bring that threat to life.

A network of neon lights zigzags across the ceiling. Along the walls computer screens light up with harrowing headlines outlining the country’s digital dependence.

Drinking water, sewer systems, phone lines, banks, air traffic, government systems, all depend on the electric grid, and losing them for weeks would plunge the country into the 1800s.

Suddenly, the lights go out and the room is plunged into silent darkness. Seconds later as the sound system crackles, a video ticks off a pretend crisis: no food, no water, system shutdown.

That faux threat has become a prime concern for the government, but fully protecting the grid and other critical computer systems are problems still waiting a solution.

Federal agencies, including the Pentagon and the Department of Homeland Security, are pouring more money into hiring computer experts and protecting their networks.

But there are persistent questions about how to ensure that Internet traffic is safe without violating personal privacy.

One answer, experts said last week, is to begin a broader public dialogue about cybersecurity, making people more aware of the risks and how individuals can do their part at home and at work.

Some will find it easier than others.

Much of the younger generation has grown up online and are more likely to know about secure passwords, antivirus software and dangerous spam e-mails that look to steal identities, bank accounts and government secrets.

Older people moved into the digital universe as it began to evolve and most have not grown up thinking about how to protect themselves online.

“Detection and prevention are fast, but crime is still faster,” said Phil Reitinger, director of the National Cybersecurity Center. The key, he said, “is to make sure that we’re all getting the word out about not only the seriousness of the threat, but the fairly simple steps that people can take to help secure their systems and their lives and families from the threats that are out there.”

In the computer world, “wash your hands” is less about tossing your keyboard into the dishwasher – although some have tried – and more about exercising caution.

Those steps include:
* Using antivirus software, spam filters, parental controls and firewalls.
* Regularly backing up important files to external computer drives.
* Thinking twice before sending information over the Internet, particularly when using wireless or unsecured public networks.

Share on Facebook

A second Indian government Web site – operated by the Institute of Remote Sensing – has been compromised for malware purposes, says Finjan Inc., one of the big names in secure web gateway products and a provider of unified web security solutions for the enterprise market. News that the site has been hacked by cybercriminals came after Finjan reported that the Government of India portal was hacked back in May of this year.

“This latest hack is interesting on two fronts. First the attack has happened despite the Indian government stepping up security on its hosting servers. And secondly, the cybercriminals have added a script into the site that adds an iFrame attack to the page,” said Yuval Ben- Itzhak, Finjan’s chief technology officer.

“The page then re-routes to a LuckySploit-infected server in Texas that fires off multiple attacks across the Internet. Early reports suggest that the site hack and re-route has infected several thousand Internet users,” he added.

According to Ben-Itzhak, the LuckySploit toolkit uses a variety of methods to infect users and is notable for using a complex encryption system to hide what it is doing. The bad news about this exploit is that the infected pages are only detected by 4 out of 41 anti-virus engines on the Virustotal.com code checking portal.
Finjan’s malicious code research team has notified the Indian CERT (Computer Emergency Response Team) operation about the problem.

“More than anything, this infection teaches us that any site can be compromised and serve malicious code without the site owner knowledge. This is why Web protection utilizing real-time content inspection is needed for businesses to prevent such attacks and keep their valuable data away from hackers,” added Ben-Itzhak
“Individual users should also consider installing a URL-checking browser plugin such as Finjan’s free-to-use SecureBrowsing tool,” he said.

Share on Facebook

The outbreak of swine flu has provided hackers a new opportunity to attack your computers.

With the virus fast-spreading and people wanting more information on the pandemic flu and safety, the hackers are capitalising on their fear to spread malicious content.

“The attacks arrive through an unsolicited email message typically containing a subject line related to the swine flu. These email messages may contain a link or an attachment,” said an advisory by the Computer Emergency Response Team (CERT), the cyber security agency operating under the ministry of communications and IT.

“If users click on this link or open the attachment, they may be directed to a phishing website or infected with malicious code,” the CERT added.

The mails in fact look quite interesting with subject lines like ‘Swine influenza: frequently asked questions.pdf’, inviting users to click to know more about the subject.

“This is as an email with attachment and being used to drop malware on computers. It takes advantage of a vulnerability in Adobe ( a software) to drop a malicious ‘infostealer’ Trojan on the user’s computer,” said CERT.

“This is then used to steal personal information, such as credit card number and online bank credentials.”

Among some of the eye-catching subject lines that will tempt a user to click on the link include: ‘Madonna caught swine flu!’, ‘Swine flu worldwide!’ and ‘Swine flu in Hollywood!’

The CERT added that instances of such malicious attacks might increase with a number of new websites being registered with the term “swine flu” included in them.

“Right now they are not used for anything, but it is anticipated that at some point, these sites may be used for spamming purposes, perhaps advertisements or even greater malicious use,” it added.

Share on Facebook