Tag Archives: BBC

The internet around the world has been slowed down in what security experts are describing as the biggest cyber-attack of its kind in history.

A row between a spam-fighting group and hosting firm has sparked retaliation attacks affecting the wider internet.

It is having an impact on popular services like Netflix – and experts worry it could escalate to affect banking and email systems.

Five national cyber-police-forces are investigating the attacks.

Spamhaus, a group based in both London and Geneva, is a non-profit organisation which aims to help email providers filter out spam and other unwanted content.

To do this, the group maintains a number of blocklists – databases of servers known to be used for malicious purposes.

Recently, Spamhaus blocked servers maintained by Cyberbunker, a Dutch web host which states it will host anything with the exception of child pornography or terrorism-related material.

Sven Olaf Kamphuis, who claims to be a spokesman for Cyberbunker, said, in a message, that Spamhaus was abusing its position, and should not be allowed to decide “what goes and does not go on the internet”.

Spamhaus has alleged that Cyberbunker, in cooperation with “criminal gangs” from Eastern Europe and Russia, is behind the attack.

Cyberbunker has not responded to the BBC’s request for comment.

‘Immense job’

Steve Linford, chief executive for Spamhaus, told the BBC the scale of the attack was unprecedented.

“We’ve been under this cyber-attack for well over a week.

‘Decapitating the internet’

Writing exactly one year ago for the BBC, Prof Alan Woodward predicted the inherent weaknesses in the web’s domain name system.

He wrote: “It is essentially the phone book for the internet. If you could prevent access to the phone book then you would effectively render the web useless.”

“But we’re up – they haven’t been able to knock us down. Our engineers are doing an immense job in keeping it up – this sort of attack would take down pretty much anything else.”

Mr Linford told the BBC that the attack was being investigated by five different national cyber-police-forces around the world.

He claimed he was unable to disclose more details because the forces were concerned that they too may suffer attacks on their own infrastructure.

The attackers have used a tactic known as Distributed Denial of Service (DDoS), which floods the intended target with large amounts of traffic in an attempt to render it unreachable.

In this case, Spamhaus’s Domain Name System (DNS) servers were targeted – the infrastructure that joins domain names, such as bbc.co.uk, to the website’s numerical internet protocol address.

Mr Linford said the attack’s power would be strong enough to take down government internet infrastructure.

“If you aimed this at Downing Street they would be down instantly,” he said. “They would be completely off the internet.”

He added: “These attacks are peaking at 300 gb/s (gigabits per second).

“Normally when there are attacks against major banks, we’re talking about 50 gb/s.”

Clogged-up motorway

The knock-on effect is hurting internet services globally, said Prof Alan Woodward, a cybersecurity expert at the University of Surrey.

“If you imagine it as a motorway, attacks try and put enough traffic on there to clog up the on and off ramps,” he told the BBC.

“With this attack, there’s so much traffic it’s clogging up the motorway itself.”

Arbor Networks, a firm which specialises in protecting against DDoS attacks, also said it was the biggest such attack they had seen.

“The largest DDoS attack that we have witnessed prior to this was in 2010, which was 100 gb/s. Obviously the jump from 100 to 300 is pretty massive,” said Dan Holden, the company’s director of security research.

“There’s certainly possibility for some collateral damage to other services along the way, depending on what that infrastructure looks like.”

Spamhaus said it was able to cope as it has highly distributed infrastructure in a number of countries.

The group is supported by many of the world’s largest internet companies who rely on it to filter unwanted material.

Mr Linford told the BBC that several companies, such as Google, had made their resources available to help “absorb all of this traffic”.

The attacks typically happened in intermittent bursts of high activity.

“They are targeting every part of the internet infrastructure that they feel can be brought down,” Mr Linford said.

“Spamhaus has more than 80 servers around the world. We’ve built the biggest DNS server around.”

BBC News – Global internet slows after ‘biggest attack in history’.

When Twitter accounts run by hackers can be breached, should we all be worried? Courtesy of BBC

Hacker collective Anonymous has suffered an embarrassing breach, as one of its popular Twitter feeds is taken over by rival hacktivists.

Little-known group Rustle League said it had hacked the @Anon_Central account, which has 160,000 followers.

It follows some high-profile Twitter hacks in recent days — including accounts for Burger King, Jeep and BBC Top Gear presenter Jeremy Clarkson.

Anonymous Latest Victim of Twitter Hack | DFI News.

A hum that comes from mains electricity has allowed forensic scientists to establish whether recordings are genuine. Courtesy of BBC

A rape victim has come forward to the police. She says she has confronted her attacker and has secretly recorded him admitting his guilt.

A suspected terrorist has been taped planning a deadly attack, and the police want to use this evidence in court. Or someone has been captured on CCTV threatening an assault.

Increasingly, recordings like these are playing a role in criminal investigations.

But how can the police be sure that the audio evidence is genuine, that it has not been tampered with or cleverly edited?

Forensic scientists have come up with the answer: they can authenticate these recordings with the help of a hum.

The Hum that Helps Fight Crime | DFI News.

Screenshot of Flame: The malware is said to have infected over 600 specific targets

A complex targeted cyber-attack that collected private data from countries such as Israel and Iran has been uncovered, researchers have said.

Russian security firm Kaspersky Labs told the BBC they believed the malware, known as Flame, had been operating since August 2010.

The company said it believed the attack was state-sponsored, but could not be sure of its exact origins.

They described Flame as “one of the most complex threats ever discovered”.

Research into the attack was carried out in conjunction with the UN’s International Telecommunication Union.

They had been investigating another malware threat, known as Wiper, which was reportedly deleting data on machines in western Asia.

In the past, targeted malware – such as Stuxnet – has targeted nuclear infrastructure in Iran.

Others like Duqu have sought to infiltrate networks in order to steal data.

This new threat appears not to cause physical damage, but to collect huge amounts of sensitive information, said Kaspersky’s chief malware expert Vitaly Kamluk.

“Once a system is infected, Flame begins a complex set of operations, including sniffing the network traffic, taking screenshots, recording audio conversations, intercepting the keyboard, and so on,” he said.

More than 600 specific targets were hit, Mr Kamluk said, ranging from individuals and businesses to academic institutions and government systems.

Iran’s National Computer Emergency Response Team posted a security alert stating that it believed Flame was responsible for “recent incidents of mass data loss” in the country.

The malware code itself is 20MB in size – making it some 20 times larger than the Stuxnet virus. The researchers said it could take several years to analyse.

Iran and Israel

Mr Kamluk said the size and sophistication of Flame suggested it was not the work of independent cybercriminals, and more likely to be government-backed.

Analysis

This is an extremely advanced attack. It is more like a toolkit for compiling different code-based weapons than a single tool. It can steal everything from the keys you are pressing to what is on your screen to what is being said near the machine.

It also has some very unusual data-stealing features, including reaching out to any Bluetooth-enabled device nearby to see what it can steal.

Just like Stuxnet, this malware can spread by USB stick, i.e. it doesn’t need to be connected to a network, although it has that capability as well.

This wasn’t written by some spotty teenager in his/her bedroom. It is large, complicated and dedicated to stealing data whilst remaining hidden for a long time.

He explained: “Currently there are three known classes of players who develop malware and spyware: hacktivists, cybercriminals and nation states.

“Flame is not designed to steal money from bank accounts. It is also different from rather simple hack tools and malware used by the hacktivists. So by excluding cybercriminals and hacktivists, we come to the conclusion that it most likely belongs to the third group.”

Among the countries affected by the attack are Iran, Israel, Sudan, Syria, Lebanon, Saudi Arabia and Egypt.

“The geography of the targets and also the complexity of the threat leaves no doubt about it being a nation-state that sponsored the research that went into it,” Mr Kamluk said.

The malware is capable of recording audio via a microphone, before compressing it and sending it back to the attacker.

It is also able to take screenshots of on-screen activity, automatically detecting when “interesting” programs – such as email or instant messaging – are open.

‘Industrial vacuum cleaner’

Kaspersky’s first recorded instance of Flame is in August 2010, although it said it is highly likely to have been operating earlier.

Prof Alan Woodward, from the Department of Computing at the University of Surrey, said the attack is very significant.

“This is basically an industrial vacuum cleaner for sensitive information,” he told the BBC.

He explained that unlike Stuxnet, which was designed with one specific task in mind, Flame was much more sophisticated.

“Whereas Stuxnet just had one purpose in life, Flame is a toolkit, so they can go after just about everything they can get their hands on.”

Once the initial Flame malware has infected a machine, additional modules can be added to perform specific tasks – almost in the same manner as adding apps to a smartphone.

BBC News – Flame: Massive cyber-attack discovered, researchers say.

For many of us, the music used in the background while Microsoft’s Windows 95 started booting up is still locked in our heads. That music was actually composed by well-known ambient music composer Brian Eno. In a newly discovered radio interview with the BBC from 2009, Eno revealed that he actually composed the Windows 95 start-up music on an Apple Macintosh machine.

Eno got a list of what the music should sound like from Microsoft, which included 150 adjectives. Some of those adjectives included words like “inspirational”, “sexy”, “driving”, “provocative”, “nostalgic” and “sentimental”, which is a lot to project for just a few seconds of music. But the big revelation came when the BBC interviewer asked, naturally, if Eno had written the Windows 95 music on a PC. Eno replied, “No I wrote it on a Mac. I’ve never used a PC in my life; I don’t like them”. Ouch.

Apple’s Mac machines have always had the reputation of being better computers for creating content like music and other entertainment products, and whether that reputation is justified is a matter of debate. Regardless, it must sting the higher-ups at Microsoft a little bit to learn that every time Windows 95 started up on a PC, it had a little bit of Mac inside those sounds.

via Windows 95 start up music composed on a Mac