Tag Archives: police

Just a third of Brit cops are equipped to fight crime that is ‘cyber’

Bad news if you’ve been defrauded online Just one in three police forces in the UK are able to tackle cybercrime such as DDoS, malware attacks and online fraud, a Home Affairs Committee heard today.…

Continue reading here:
Just a third of Brit cops are equipped to fight crime that is ‘cyber’

Thai police charge man in hacking attacks on gov’t sites

Police in Thailand on Monday charged a suspect with participating in recent hacking attacks on government computers that were billed as a protest against a restrictive law governing internet use. Natdanai Kongdee, 19, was one of nine people arrested in connection with the attacks that blocked access to some websites and accessed non-public files, Deputy Prime Minister Prawit Wongsuwan said. Police said he was a low-level hacker rather than a leader and had confessed to participating in the attacks. They said he belonged to several online groups specializing in hacking activities. Natdanai was present at Monday’s news conference but did not speak. He was charged with gaining unauthorized access to police data, along with illegal possession of firearms and marijuana, allegedly found when police searched his house. The legal status of the other people arrested was not explained. Groups promoting the attacks say they are in protest of passage of revisions to Thailand’s Computer Crime Act, which would restrict freedom of speech and facilitate targeting political dissidents. The new law would allow Thai authorities to intercept private communication and to censor websites without a court order. In addition to the leaking of documents, government sites have been subject to distributed denial of service, or DDoS, attacks, where access is denied by overloading the online server with requests. A Facebook group encouraged a simple version of such attacks by suggesting people repeatedly reload them by pressing the F5 key. “He (Natdanai) was naive to believe the (Facebook) group and hack into the system,” Siripong Timula of the police’s technology department said. The Facebook group, with the name Citizens Against Single Gateway, earlier this month called for a “cyberwar.” Its name reflects activists’ concerns about plans for a single gateway through which all international internet traffic would pass. The government claims such a system is necessary for national security, but opposition from many sectors has made the government evasive about whether it plans to implement a single gateway. The group on Dec. 19 claimed responsibility for temporarily bringing down the Thai defense ministry’s website. Since then, it has claimed to have brought down websites for Thailand’s military, customs department, police, foreign affairs ministry and additional government websites. Other hackers, operating as part of the informal activist network Anonymous, have been posting data they say is from government computers. Police said Monday that their systems are still “well protected” and that the attacks constitute minor hacks. Prime Minister Prayuth Chan-ocha said, “If we do not have any laws or write it down to make it clearer and if they continue to do this, what can we do?” Should hackers simply be allowed to poke into personal data, he asked reporters rhetorically. “We’ve talked about it many times. Everything is passed. Talk about something else,” said Prayuth, who is noted for his brusque manner of speaking. Source: http://www.dailymail.co.uk/wires/ap/article-4066212/Thai-police-charge-man-hacking-attacks-govt-sites.html

Read the original post:
Thai police charge man in hacking attacks on gov’t sites

How our household devices get hacked and join zombie bot networks in DDoS attacks

The Internet of Things: blessing or curse? That depends on how much you value your privacy against the ability of your fridge to order fresh milk. Either way, we are now more vulnerable to hackers. Here’s how. I won’t even attempt to answer the question in my opening gambit. Who can say for sure this early whether the Internet of Things is a blessing or a curse (aside from the fact that clichés are always a curse). For one this is something we all have to decide for ourselves – hopefully, after diligent public debate. We all have to decide what privacy is in the digital era, and whether it’s important to us. We may support more stringent data protection laws, even a global bill of rights. Or we may find ourselves in the “post-privacy” camp and not really care. It also depends on how highly we value our digital security. Unbeknownst to us Take the DDoS (distributed denial-of-service) attack that brought down a litany of popular websites last Friday (21.10.2016). The affected websites included Esty, Github, HBO Now, PayPal, Pinterest, Playstation Network, Recode, Reddit, Spotify, Twitter, Netflix, Yammer, and Yelp. Your fridge, your mom’s webcam, computers at the local school, and a kid’s doll may have all taken part – without your even knowing it. Someone, somewhere launched a piece of malware called Mirai. We’ve known about Mirai – so something was in the wind. And DDoS attacks themselves have been around for ages. Mirai searched for poorly-protected, networked devices. That is, household devices that had little or no password protection. Reports suggest these included DVRs and webcams made by a Chinese company called Hangzhou XiongMai, which has since issued a recall on its webcams in the US. Mirai turned the connected devices into its slaves. They then launched the DDoS attack on servers run by Dyn, a so-called DNS host, and home to all those websites. Usually, when you call up a website, your “request” goes via one of these servers. But when the servers are overloaded with bad requests consisting of incomplete data, or they are bombarded with more requests than they can handle, they basically freak out. And no one is served. That’s what happened on Friday. Your fridge, webcam, toy truck and thousands more emitted a coordinated attack of useless information, bringing down some of the world’s most popular websites. The rest is history… Friday’s Mirai attack may well be history now, but it’s one which will surely repeat itself. Many, many times. The question is, where will it all end? If it’s only Netflix and Spotify you can’t access, you may really not care. Certainly if they are back up and running within a few hours. But what if it’s a vital government website, online access to your local hospital, the police, or the energy grid… and what if the attack lasts for days, weeks even? This is what we mean when we talk about cybersecurity. Private, commercial concerns, even dating apps, shouldn’t come into it. And yet what we do – and allow – at a private level can have a momumental impact on society. We may think it’s just the fridge ordering our milk or Barbie chatting to our kids. But we forget that every electronic device these days – especially those connected to the network – is vulnerable to hackers. And the Mirai attack has reminded us they can all be reprogrammed to do whatever the hackers want. Source: http://www.dw.com/en/how-our-household-devices-get-hacked-and-join-zombie-bot-networks-in-ddos-attacks/a-36181744  

More:
How our household devices get hacked and join zombie bot networks in DDoS attacks

No wonder we’re being hit by Internet of Things botnets. Ever tried patching a Thing?

Akamai CSO laments pisspoor security design practices Internet of Things devices are starting to pose a real threat to security for the sensible part of the web, Akamai’s chief security officer Andy Ellis has told The Register .…

More:
No wonder we’re being hit by Internet of Things botnets. Ever tried patching a Thing?

Greater Manchester plod site targeted by nuisance DDoS attack

‘There will be more attacks today,’ attacker proudly tells El Reg The website for Greater Manchester Police was targeted by two Distributed Denial of Service (DDoS) attacks yesterday, which rendered the site unavailable for more than two hours. The operators of two Twitter accounts have claimed responsibility.…

Original post:
Greater Manchester plod site targeted by nuisance DDoS attack

US the world’s botnet mothership says Level 3

Not the way you want to lead the world Level 3 Communications says America is home to more botnet command and control servers, edging out the Ukraine, with Russia only managing third place.…

Original post:
US the world’s botnet mothership says Level 3

Anonymous loose cannon admits DDoSing social services and housing websites

51-yr-old Liverpudlian cuffed after bragging on social media A middle-aged Briton has admitted running a series of debilitating denial of service attacks against social services, social housing and crime prevention websites.…

More:
Anonymous loose cannon admits DDoSing social services and housing websites

Looking at insider threats from the outside

Cybersecurity is a never-ending battle requiring around-the-clock attention. From malware to DDoS to APT attacks, front-line IT security teams are being constantly bombarded. With all this attention o…

Read the original post:
Looking at insider threats from the outside