Monday, 24 June 2013

Alleged NSA snooping target is one of China's Internet hubs

China's Tsinghua University, revealed by an American spy agency contractor to be a target of U.S. surveillance programs, is home to the country's oldest Internet hub and routes traffic from tens of millions of users.
The alma mater of many of China's top leaders including President Xi Jinping and former President Hu Jintao, Tsinghua's campus in northwestern Beijing hosts the China Education and Research Network (CERNET), one of China's six major backbone networks, according to state media.
"Tsinghua is known as the 'MIT of China'," said Duncan Clark, chairman of Beijing-based technology consultancy BDA, referring to the premier U.S. university, the Massachusetts Institute of Technology.
"It has strong research and technical capabilities," Clark told Reuters in e-mailed comments. "It also produces a lot of the nation's future elite (in government and business). So it's not surprising, I guess, that it's a target."
The university did not respond to requests for comment.
But, in an interview with the Communist Party-backed Beijing Youth Daily, an unnamed official from Tsinghua's information department denied that it was the target of a U.S. cyber attack, saying that "reports that Tsinghua was hacked into are inaccurate".
On Saturday, Hong Kong's South China Morning Post newspaper said documents and statements from the contractor, Edward Snowden, indicated the NSA had hacked major Chinese telecoms companies to access text messages, attacked Tsinghua University, and hacked the Hong Kong headquarters of Pacnet, which has an extensive fiber optic submarine network.
Snowden, who is wanted by the United States government, fled Hong Kong on Sunday to Moscow. He has asked for asylum in Ecuador.
Set up in 1994, CERNET was designed to provide Internet services to China's educational institutions, according to its web site. It connects 160 cities in China and more than 2,000 of China's universities and research institutes, including Beijing's other top university, Peking University, and Shanghai's Jiaotong University.
CERNET, which is operated by China's ministry of education, says on its website that it is China's "largest non-profit computer network and hosts the world's largest national academic network".
Luo Ping, a professor of Internet security at Tsinghua, said he had warned in research papers about U.S. attacks on China's backbone networks about five to six years ago.
"Those of us who do network security have known very early on that the National Security Agency has entered the backbone networks in China," Luo said. He did not however specifically comment on Snowden's claims.
In 2007, local media reported that Tsinghua's network had sustained large-scale virus attacks in 2006 and again in 2007, affecting over 10,000 computers on campus. The university was forced to shut down many infected computers to contain the virus.
"I believe they've taken some measures, but are still relatively weak," Luo said.
China on Sunday expressed "grave concern" over Snowden's allegations that the United States has hacked into Tsinghua and Chinese mobile network companies, and said it had taken the issue up with Washington.
When asked why Tsinghua could have been targeted by the United States, foreign ministry spokeswoman Hua Chunying said at a regular briefing on Monday that she was "not in a position to answer this question".
"Ask the party who conducted the attacks," Hua said.
Both China and the United States accuse each other of cyber attacks and the issue was top of the agenda when President Barack Obama hosted Xi at their first summit earlier this month.
China later said it wanted cooperation rather than friction with the United States over cyber security.

China Outsmarted US in Snowden Chess Game: Experts

China interceded to allow Edward Snowden's dramatic flight from Hong Kong, calculating that infuriating the United States for now was necessary to prevent deeper corrosion to their relationship, analysts and media said Monday.
Beijing also exploited the former spy's revelations to put the US government on the back foot. State media called Washington a "villain" for its alleged hacking of Chinese targets, when the United States has long portrayed itself as a victim of Chinese cyber-espionage.
The Hong Kong government insisted that its decision to let the 30-year-old Snowden fly out on Sunday was governed strictly by the law, after a provisional US arrest warrant purportedly failed to meet its judicial requirements.
But for many observers, such a high-profile case -- carrying the potential to destabilise Sino-US ties for years if Snowden had fought a lengthy legal battle in Hong Kong -- must have provoked intense interest among the territory's overseers.
Hong Kong political analyst Johnny Lau said he believed that Chinese representatives "must have drained him in depth and exhausted him (for intelligence) before letting him go".
As for Hong Kong's role, Lau argued that the local government was a pawn with Beijing guiding the pieces.
"Hong Kong is just part of a chess game. It was the same when it was part of Britain," he told AFP.
Such speculation took an intriguing twist on Monday with Albert Ho, one of Hong Kong's most respected pro-democracy lawmakers, revealing that he had been hired as Snowden's lawyer and that he had relayed a message from a mystery intermediary several days ago.
The intermediary did not specify whether he represented the government in Beijing or Hong Kong, but Ho said: "I have reasons to believe that... those who wanted him to leave represented Beijing authorities.
"Bejing would not step forward to the front stage because it (would) affect Sino-US relations," he told reporters.
"So, it would operate behind the scenes to make Snowden go. The Hong Kong government may not have had any role other than not stopping him at the airport."
After arriving in Hong Kong on May 20, armed with laptops containing a wealth of information on National Security Agency (NSA) snooping around the world, Snowden explained his choice of destination in an interview with the South China Morning Post.
"My intention is to ask the courts and the people of Hong Kong to decide my fate. I have been given no reason to doubt your system," he said.
But something changed over the weekend, after the United States issued its arrest warrant with a view to instituting formal extradition proceedings.
The former NSA contractor and CIA agent is now in Moscow and Ecuador says it is mulling his request for asylum.
While the Kremlin denied all knowledge of Snowden's plans, lawmakers in Washington were aghast at the fast-moving developments and expressed strong suspicion of Chinese as well as Russian meddling.
"I had actually thought that China would see this as an opportunity to improve relations and extradite him to the United States," Senate Intelligence Committee chairwoman Dianne Feinstein said on CBS television.
"China clearly had a role in this, in my view. I don't think this was just Hong Kong without Chinese acquiescence," she said.
On CNN, fellow Democratic Senator Chuck Schumer said "I have a feeling the hand of Beijing was involved here".
Whatever the answer, newspapers both in China and Hong Kong said Beijing had no interest in allowing Snowden's fate to fester as the new government of President Xi Jinping looks to reboot its overarching relationship with the United States after a troubled period.
"Snowden's departure from Hong Kong will prevent the Sino-US relationship from being affected," the mainland's Global Times said in an editorial.
Hong Kong's South China Morning Post declared in its own editorial: "There could be no better outcome for our city and China."
Shen Dingli, an international relations professor at Fudan University in Shanghai, agreed that Beijing probably took the final decision on the Snowden case.
"For such a vital national security interest, how can Hong Kong decide by itself? If we want to have good US-China relations, it benefits China" to have let Snowden leave, he said.
But Shen also expressed frustration that Beijing may have indulged in realpolitik rather than protecting the rights of a self-declared whistleblower who said he chose Hong Kong because of its respect for free speech.
"If we want to have principles, because this guy tells us how the US has threatened China, China should care for this person, to host him," he said. "We have lost face."

Syrian Electronic Army Hacked Finnish amusement park website

Syrian hackers from among the rebels advocating the overthrow of the existing government have hacked the website af the amusement park Flowpark located in the Finnish city of Turku, and placed there footage of the ongoing war in Syria, as reported today by СТТ news agency.
According to reports, hackers have also published on the website a message in English and Arabic on a black background.
The hackers wrote that by doing so they "want to appeal to the international community and to attract the attention of other governments to human rights violations in Syria and to the fact that the lives of Syrian children are in danger." Under the appeal they have placed video with footage of explosions and shootings.
Presently, the appeal has been removed from the site, work is underway to restore its former appearance.
Hackers from the Syrian Electronic Army have previously hacked the application of British broadcaster Sky for Android. They replaced the channel logo by their own, as well as descriptions of the programs  by the phrase "here was the Syrian Electronic Army ".
The Syrian Electronic Army has also previously hacked websites of such media as BBC, The Guardian, Financial Times and French news TV channel France 24.
They are notorious for breaking the AP account in Twitter and posting a false tweet that President Barack Obama was wounded in the blasts at the White House.

Snowden sought Booz Allen job to gather evidence on NSA surveillance

Edward Snowden tells the Post he took a job at NSA contractor Booz Allen Hamilton to collect proof of surveillance programme.
Edward Snowden secured a job with a US government contractor for one reason alone – to obtain evidence on Washington’s cyberspying networks, the South China Morning Post can reveal.
For the first time, Snowden has admitted he sought a position at Booz Allen Hamilton so he could collect proof about the US National Security Agency’s secret surveillance programmes ahead of planned leaks to the media.
“My position with Booz Allen Hamilton granted me access to lists of machines all over the world the NSA hacked,” he told the Post on June 12. “That is why I accepted that position about three months ago.”
During a global online chat last week, Snowden also stated he took pay cuts “in the course of pursuing specific work”.
His admission comes as US officials voiced anger at Hong Kong, and indirectly Beijing, after the whistle-blower was allowed to leave the city on Sunday.
Snowden is understood to be heading for Ecuador to seek political asylum with the help of WikiLeaks, which claimed to have secured his safe passage to the South American country.
Snowden, who arrived in Hong Kong on May 20, first contacted documentary maker Laura Poitras in January, claiming to have information about the intelligence community. But it was several months later before Snowden met Poitras and two British reporters in the city.
He spent the time collecting a cache of classified documents as a computer systems administrator at Booz Allen Hamilton.
In his interview with the Post, Snowden divulged information that he claimed showed hacking by the NSA into computers in Hong Kong and mainland China.
“I did not release them earlier because I don’t want to simply dump huge amounts of documents without regard to their content,” he said.
“I have to screen everything before releasing it to journalists.”
Asked if he specifically went to Booz Allen Hamilton to gather evidence of surveillance, he replied: “Correct on Booz.”
His intention was to collect information about the NSA hacking into “the whole world” and “not specifically Hong Kong and China”.
The documents he divulged to the Post were obtained during his tenure at Booz Allen Hamilton in April, he said.
He also signalled his intention to leak more of those documents at a later date.
“If I have time to go through this information, I would like to make it available to journalists in each country to make their own assessment, independent of my bias, as to whether or not the knowledge of US network operations against their people should be published.”
Two days after Snowden broke cover in Hong Kong as the source of the NSA leaks, Booz Allen Hamilton sacked him

Fraud cases -- Lessons for Banks

IT security is becoming increasingly threatened on all sides as businesses struggle to protect information, including computer data, marketing strategies, tax and personnel records, financial data, communications and business plans.
An integrated approach to information security creates value for customers and shareholders by improving capability, reducing cost, improving efficiency and delivering a Return on Investment (ROI). An integrated approach also provides a pathway for developing people into business and process leaders, and for enhancing their knowledge, skills and value to the business.

Reports of account takeover incidents have increased in the last 18 months, yet losses have remained steady, says former federal banking examiner Amy McHugh, who analyzes what security measures are working and what still needs to be done.
A key factor contributing to controlled account takeover losses, McHugh says, is that banking institutions have made big investments to improve online security as they've worked toward conforming to the Federal Financial Institutions Examination Council's updated authentication guidance.

"I was at a bank performing an examination when they had stopped a fraudulent ACH request," McHugh says during an interview with Information Security Media Group. Anomaly detection and behavioral analysis helped this institution flag the suspicious transaction before it resulted in fraud, she says.
"There is an increased awareness," says McHugh, a bank adviser who's a former IT examination analyst for the Federal Deposit Insurance Corp. "There's also an increased push by the regulatory agencies to ensure that the financial institutions are aware of the risks."

Steady losses despite rising account takeover incidents could be a sign that banking institutions are catching more incidents and stopping them, she adds.
But McHugh also notes that smaller banking institutions still have a lot of security work to do. "The very large institutions have robust programs for anomaly monitoring for electronic funds transfer, as well as increasing fraud awareness," she says. "So the fraudsters are moving down to the smaller institutions."

Out-of-Band Authentication

As a result, smaller banks and credit unions should be implementing more out-of-band authentication measures, such as transaction-verification call-backs, McHugh says. Unfortunately, too many are more concerned about inconveniencing the customer than improving security.
"Customer awareness is improving," she says. "But institutions need to push back on the clients and say there are certain security procedures that they are going to require. Dual controls, out-of-band confirmations - these are basic security controls. Also, the banks should implement some kind of anomaly monitoring or detection so that there is some awareness of the pattern of the customer's behavior."
During this second half of a two-part interview, McHugh discusses:
  • The struggles smaller institutions face when it comes to anomaly detection practices and procedures;
  • How working with Internet service providers can enhance security and reduce fraud losses;
  • Why distributed-denial-of-service attacks are an increasing concern for smaller institutions being targeted for ACH/wire fraud.
In part one of the interview, McHugh reviews recent legal disputes involving incidents of corporate account takeover, highlighting that most settlements and judgments favor commercial customers

Earning Trust in NSA Intel Gathering -- Snowden Leak Sparks a Needed Debate

<a rel="author" href="">Eric Chabrow</a> President Obama and his national security team want American citizens and others around the world to trust them on the way the U.S. intelligence community collects data from Internet and telephone communications in their search for international terrorists.
"This is not a situation in which we are rifling through the ordinary e-mails of German citizens or American citizens or French citizens or anybody else," Obama said at a Berlin press conference June 19, with German Chancellor Angela Merkel standing by his side. "This is not a situation where we simply go into the Internet and start searching any way that we want. This is a circumscribed, narrow system directed at us being able to protect our people. And all of it is done under the oversight of the courts."
 This is a debate that I welcome. ... That's what democracy is about. 

Do you believe the president? Do you trust that Obama and his intelligence team tell the truth about the processes behind two secret intelligence-gathering programs leaked earlier this month by Edward Snowden, a former contractor at the National Security Agency?
Trust is vital. As former White House privacy counselor Peter Swire points out in an interview with Information Security Media Group, the United States has a long history of abusing intelligence gathering, including FBI Director J. Edgar Hoover monitoring Dr. Martin Luther King, Vietnam War protestors and one-third of the delegates to the 1968 Democratic National Convention. Indeed, the law that governs today's intelligence-gathering programs was an outgrowth of old abuses of intelligence gathering by the CIA, FBI and NSA.

A Different Type of Disservice

Snowden's unauthorized disclosures did the administration a disservice - not because he broke his oath and revealed government top secrets [that's not what I'm addressing here], but because he showed the Obama administration was not as transparent as it should be.
One of the programs Snowden divulged involves querying databases of what basically consists of the same information found in your phone bills. The other program, known as PRISM, involves U.S. intelligence agencies collecting Internet communications, such as e-mails and social media postings of non-Americans overseas. Both programs are aimed at connecting the dots in trying to identify potential terrorists - a worthy goal.
Obama, NSA Director Gen. Keith Alexander and others in the intelligence community and Congress contend that Snowden's revelations damage the security of the United States and others nations and endanger the safety of their citizens.
But the terrorists likely believe the United States already reads their e-mails, monitor their phone calls and intercepts their Internet communications. If that's the case, why keep the programs secret?

Avoid the Ruckus

If the Obama administration and intelligence community had made the existence of these programs public before the leak, and on their own terms, all the fuss and misinformation about the programs never would have materialized, and Americans would be more trustful of their leaders.
Think about it: Would there be much ruckus if Americans knew that of the millions of possible phone numbers available for the government to search, the NSA queried fewer than 300 of them, as NSA Deputy Director Chris Inglis told lawmakers earlier this week? It would be perceived by many as much ado about nothing. I take Inglis at his word, yet by discussing these programs only after being forced to by the Snowden leaks raises concerns about the lack of transparency.
Much of what occurs in these programs is unseen, such as orders to intercept potential terrorists' Internet communications issued by the secret Federal Intelligence Surveillance Court. That makes sense; we don't want terrorists to learn of the government activities aimed at identifying and capturing them. But such secrecy raises suspicions with the public, and that's not good for creating trust. More transparency that reveals the existence of these programs without providing many of the details will help build that trust.
It's encouraging that the president said he wants to seek ways to declassify more information about these programs without compromising their effectiveness. "This is a debate that I welcome," Obama said, referring to programs that amass information about telephone and Internet communications of individuals. "That's what democracy is about, and I'm confident that we can strike this right balance, keep our people safe, but also preserve our civil liberties even in this Internet age."
Let's hope that this debate will make the administration and the intelligence community more transparent about the ways they collect information about citizens, which, in turn, will build trust, without sacrificing the essential top-secret programs essential to identify terrorists and keep us safe.

PRISM: Snowden seeks Ecuador asylum and flees to Russia after US extradition filing

Edward Snowden, the former CIA IT contractor who revealed the PRISM scandal that has embroiled the political and technology worlds over the last two weeks, has asked Ecuador for extradition, following WikiLeaks founder Julian Assange in using the country to hide from the US authorities.

Snowden had been in Hong Kong but after the US began proceedings for an extradition he made moves to flee the country, firstly by heading to Moscow.
It is unclear exactly where Snowden is now as some reports said he was heading for Cuba, but Ecuador's foreign minister, Ricardo Patino, confirmed on Twitter that an asylum request had been received.
The plan was also confirmed by another thorn in the US’s side, Wikileaks, which said it was helping Snowden with his plan.
“[Snowden] is bound for the Republic of Ecuador via a safe route for the purposes of asylum, and is being escorted by diplomats and legal advisors from WikiLeaks,” read a statement on the WikiLeaks website.
Hong Kong authorities were said to have turned down the original US extradition request they received as it was incomplete, according to numerous sources, while the US Justice Department said it would continue to pursue Snowden regardless of where he is heading.
"We will continue to discuss this matter with Hong Kong and pursue relevant law enforcement cooperation with other countries where Mr Snowden may be attempting to travel," the department said in a statement, according to the BBC.
Snowden’s revelations led to headlines around the world after he claimed the US government was monitoring the data of millions of citizens by having access to the servers of technology giants such as Google, Facebook and Microsoft.
These firms rushed to deny the claims and have pushed for greater transparency. Google has since filed a legal case to demand the right to reveal more information on the data it is required to hand to the authorities under US law. President Obama has claimed the entire process is ‘transparent’ but critics have rounded on the PRISM.
The UK has been embroiled too, with claims its spy post GCHQ uses the PRISM programme to access data itself, thereby circumventing UK law. The UK government has denied all these claims.
The case has echoes of the WikiLeaks scandal, which saw founder Julian Assange seek refuge in the Ecuadorian embassy in London to avoid extradition to Sweden. Assange remains holed up in the assembly, with no end to the situation in sight.

PRISM: US formally charges Edward Snowden with espionage

The US government has formally charged the man behind a series of leaks on National Security Agency (NSA) surveillance programmes.
The Washington Post cites unnamed government officials in reporting that former contractor Edward Snowden will face charges of “espionage, theft and conversion of government property” should he be arrested or extradited by a foreign government.
The filing of charges was widely expected after Snowden leaked to the press a nuber of documents describing the programmes the NSA uses to keep track of user activity in its internal investigations of criminal matters.
The former contractor and systems analyst made himself an instant global celebrity and hero of the user rights movement when in early June he leaked information on the PRISM database project. The system aggregated data collected from many of the largest service providers to give intelligence agencies a collection of user activity.
Since the leak, Snowden has taken abroad and was last reported to be in Hong Kong. No word had been given on US demands for extradition.
In addition to domestic surveillance, the PRISM archive is said to have been accessed by foreign agencies, including the UK's GCHQ. The European Commission has already begun investigating the role the programme played in Europe.
Meanwhile, the companies associated with the PRISM archive have been scrambling to distance themselves from the scandal. Google, Apple, Microsoft and Yahoo have all come forward denying any knowledge of PRISM and any cooperation with government agencies beyond what is required by federal law.

Facebook loses data on six million users

Facebook is warning users following the discovery of a breach that could result in the leak of information on around six million accounts.
The company said that the bug, reported through its WhiteHat security research programme, had left the email and phone numbers of certain users visible to those who may not be connections on the social-networking platform.
The company said that the bug is connected to its contact recommendation feature. When users upload their phone numbers and email addresses to the service, Facebook can use the information along with user-uploaded contact lists to create invites and friend recommendations.
However, researchers found out that Facebook's Download Your Information feature will inadvertently store data, which some of the six million users who uploaded email and phone numbers may not have intended to share.
The company said in an alert to users: “Because of the bug, some of the information used to make friend recommendations and reduce the number of invitations we send was inadvertently stored in association with people’s contact information as part of their account on Facebook.
“As a result, if a person went to download an archive of their Facebook account through our Download Your Information tool, they may have been provided with additional email addresses or telephone numbers for their contacts or people with whom they have some connection.”
The company said that it is working on a fix, but in the meantime it has disabled the Download Your Information option. Facebook noted that the impact of the bug is expected to be minimal as the data will only be available to users who are already friends or contacts.
The breach could steal away some of the momentum Facebook had hoped to gather when it announced a major update to its Instagram brand. The photo-sharing site on Wednesday announced that it would be enabling users to record and share short video clips.

Anonymous hacked North Korea's intranet #opNorthKorea stolen secret military

Anonymous collective hacker group claim to have hacked into North Korea’s intra-net and stolen secret military documents, which they say will be released on June 25.In a press release posted on the website Pastebin, the hackers said.
Anonymous Press Release Operation North Korea (#opNorthKorea).Kim Jong-un, now it is time for you to step down.

Hijacking of DNS Records from Network Solutions

Multiple organizations with domain names registered under Network Solutions suffered problems with their domain names today, as their DNS nameservers were replaced with nameservers at
The nameservers at were configured to reply to DNS requests for the affected domains with IP addresses in the range Cisco observed a large number of requests directed at these confluence-network IP addresses. Nearly 5000 domains may have been affected based on passive DNS data for those IPs.

Hijacking of a domain name’s DNS records is one of the worst attacks an organization can suffer. You literally have lost control over your domain.  Network Solutions, having been the original registrar for .com, .net, and .org domain names, is quite an attractive target for attackers. Originally it was unclear whether the issue was the result of an attack or a misconfiguration. It turns out the problem was both attack-related and also the result of a misconfiguration. Network Solutions issued a statement claiming, “In the process of resolving a Distributed Denial of Service (DDoS) incident on Wednesday night, the websites of a small number of Network Solutions customers were inadvertently affected for up to several hours.”
Interestingly, several of these domains were setup under different nameservers at For example, the domain was pointed to the DNS nameservers and Yelp had their nameservers changed to and Fidelity, meanwhile, was pointed at and However, the fact that so many domains were displaced in such a highly visible way supports Network Solutions’ claim that this was indeed a configuration error.
TRAC recommends anyone who has a domain registered with Network Solutions verify that their DNS nameservers are pointed at the correct location. TRAC also recommends network administrators check the logs from their network devices for connections to the subnet. Organizations need to carefully consider how they would swiftly identify unauthorized modifications to their DNS records and how they would react to such a situation.

Dutch inmates to get computers in their cells

The Netherlands' justice minister has proposed putting a personal computer in every prison cell in the country, in one of the more unusual measures under consideration by the Dutch government to reduce the national deficit.
It's not quite as exciting as it sounds at first," ministry spokesman Jaap Oosterveer said Friday. He says the computers would be stripped-down machines with no email and little or no Internet access.
The main reason for installing them would be to reduce the amount of time worked by guards. Oosterveersays prisoners would use computers to fill in their food, visiting and exercise schedules.
But there is also an educational element in Minister Fred Teeven's plan, as prisoners eligible for release may be allowed to use the computers for approved study programs.

China fury at new snooping claims

China yesterday attacked the United States as an espionage ‘villain’ after former spy Edward Snowden raised new allegations about the far-reaching extent of US cyber-snooping against Chinese targets.
The official Xinhua news agency noted that Washington was now pressing Hong Kong to extradite the former National Security Agency (NSA) contractor after he fetched up in the Chinese territory last month.
But the US government first owes the world an explanation, it said, as a prominent Hong Kong lawmaker noted that the territory has the legal right to resist an extradition request made for political reasons.
In the latest revelations published by Hong Kong’s Sunday Morning Post, Snowden said the NSA was hacking Chinese mobile phone companies to gather data from millions of text messages.
He said US spies have also hacked the prestigious Tsinghua University in Beijing – home to one of six ‘network backbones’ that route all of mainland China’s Internet traffic – and the Hong Kong headquarters of Pacnet, which operates one of the Asia-Pacific region’s largest fibre-optic networks.
“These, along with previous allegations, are clearly troubling signs,” Xinhua said in a commentary.
“They demonstrate that the United States, which has long been trying to play innocent as a victim of cyber attacks, has turned out to be the biggest villain in our age,” it said.
“The NSA does all kinds of things like hack Chinese cell phone companies to steal all of your SMS data,” Snowden said in the Post interview, which the newspaper said was conducted on June 12 and released after it had scrutinised and clarified his claims.
His claims about Pacnet followed a report in the Guardian in which he claimed the British government’s electronic eavesdropping agency GCHQ had gained secret access to fibre-optic cables carrying global Internet traffic and telephone calls, and was sharing the information with the NSA.
Snowden said in the Post interview that Tsinghua University, which counts China’s President Xi Jinping and his predecessor Hu Jintao among its graduates, was the target of extensive NSA hacking.
The university, whose network backbone handles Internet data from millions of Chinese citizens, was breached as recently as January, he was quoted as saying.
According to the Post report, the NSA in 2009 also attacked Pacnet, whose fibre-optic network stretches across 46,000 kilometres in 13 countries ranging from Singapore to Japan via Hong Kong and China.

SMBs spending measly £200 a year on cyber defences

Small to medium sized businesses are spending as little as £200 a year on their cyber security budgets, leaving themselves wide open to attacks from hackers, the UK Home Office has revealed.
The Home Office said SMEs are drastically under investing in IT security in its Crime against businesses: Detailed findings from the 2012 Commercial Victimisation Survey, revealing that many companies with fewer than 20 employees are spending as little as £200 per year. "Of those business premises that had computers, the average (median) amount spent on IT security over the previous 12 months was £200," reads the report.
The report revealed that a firm's average IT spend increased in line with its size, with companies with 50 to 100 employees spending roughly £4,000 per year on IT security and firms with 100-plus employees around £10,000.
Interestingly, the disparity in investment in physical and IT security investment also grew in line with the company's size, with medium sized 50 to 100 employee businesses spending £6,000 on physical security and larger 100-plus sized firms spending a massive £25,000. By comparison, small companies with fewer than 20 employees generally spent £1,000 on physical security per year.
The Home Office findings follow widespread warnings from the security industry suggesting UK businesses are not taking the cyber threat facing them seriously enough. Director of strategy at FireHost, Daniel Beazer, told V3 the issue is largely down to a lack of awareness about cyber threats.
Beazer added as well as a lack of awareness, those that are knowledgeable about the threat's ability to respond is being hampered by archaic legislation. "It's no surprise that small companies spend so little defending their IT estate. Sometimes it's ignorance or that the owners simply have more important battles elsewhere," he said.
"The regulatory regime in the UK imposes penalties that are so low it's often cheaper to pay the fine rather than put in proper defences, which doesn't help. Finally the security industry is a problem. Most security products are difficult to understand, difficult to put in place, and very expensive for what little they do."
Prior to the report the Home Office announced plans to launch a new cyber awareness campaign, designed to educate businesses and citizens about rising hacker threats to help solve the problem.

NSA targeted China's Tsinghua University in extensive hacking attacks, says Snowden

Tsinghua University, widely regarded as the mainland’s top education and research institute, was the target of extensive hacking by US spies this year.
Tsinghua University in Beijing, widely regarded as the mainland’s top education and research institute, was the target of extensive hacking by US spies this year, according to information leaked by Edward Snowden.
It is not known how many times the prestigious university has been attacked by the NSA but details shown to the Post by Snowden reveal that one of the most recent breaches was this January.
The information also showed that the attacks on Tsinghua University were intensive and concerted efforts. In one single day of January, at least 63 computers and servers in Tsinghua University have been hacked by the NSA.
Snowden said the information he shared on the Tsinghua University attacks provided evidence of NSA hacking because the specific details of external and internal internet protocol addresses could only have been obtained by hacking or with physical access to the computers.
The university is home to one of the mainland’s six major backbone networks, the China Education and Research Network (CERNET) from where internet data from millions of Chinese citizens could be mined.
The network was the country’s first internet backbone network and has evolved into the world’s largest national research hub.
It is one of the mainland’s non-commercial networks, owned by the Ministry of Education, but operated and maintained by the university and other colleges.
Universities in Hong Kong and the mainland were revealed as targets of NSA’s cyber-snooping activities last week when Snowden claimed the Chinese University of Hong Kong had been hacked.
Chinese University is home to the Hong Kong Internet Exchange, the city’s central hub for all internet traffic.
Snowden said the NSA was focusing much attention on so-called “network backbones”, through which vast amounts of date passed.
In the wake of Snowden’s claims, the Ministry of Foreign Affairs set up an office to deal with diplomatic activities involving cyber security.
The new cyber affairs office is the first of its kind on the mainland with a Foreign Ministry spokeswoman saying that Beijing, long accused of cyberhacking by the United States, has been a “a major victim” of cyberattacks and that it opposed “cyberattacks in all forms”.
She added that the central government would discuss cybersecurity issues with the United States at next month’s Sino-US strategic and security dialogue.
Professor Xu Ke, deputy director of the Institute of Computer Networks at Tsinghua University, has previously said that most data passing through network backbones was not encrypted.
Xu said most attacks on such networks were carried out by governments because individual hackers “could gain little”, as the amount of information they faced would be “colossal”.
Only governments or large organisations would have the resources and manpower to “find the needle in a haystack”, he said.

Zerigo experiences DDOS attack

Cloud-based DNS provider Zerigo has been hit by a distributed denial-of-service (DDOS) attack. According to the company’s network status page, the cyberattack started on Friday, June 21, at around 15:00 UTC.
On Saturday, at 3:37 UTC, the company reported that all their name servers had gone offline.
“We are currently experiencing a DDoS attacks against Zerigo DNS services. It has escalated and has now affected and as well now,” Zerigo noted.
Currently, B and D name servers are back online, but others are still offline.
In early June, at least three other DNS providers reported being hit by DDOS attacks. The systems of DNSimple, easyDNS and TTP Wholesale were abused for a DNS amplification attack against another network.
It’s uncertain if the attacks are related to the one currently experienced by Zerigo, but hopefully we’ll find out soon.

FaceBook Reward $500 USD For Your Bug Bounty Info

FaceBook released on its security blog a bug  information  that unintentionally exposed some members' contact details.
Important Message from Facebook's White Hat Program
At Facebook, we take people’s privacy seriously, and we strive to protect people’s information to the very best of our ability. We implement many safeguards, hire the brightest engineers and train them to ensure we have only high-quality code behind the scenes of your Facebook experiences. We even have teams that focus exclusively on preventing and fixing privacy-related technical issues before they affect you.
Even with a strong team, no company can ensure 100% prevention of bugs, and in rare cases we don’t discover a problem until it has already affected a person’s account. This is one of the reasons we also have a White Hat program to collaborate with external security researchers and help us ensure that we maintain the highest security standards for our users.
We recently received a report to our White Hat program regarding a bug that may have allowed some of a person’s contact information (email or phone number) to be accessed by people who either had some contact information about that person or some connection to them.
Describing what caused the bug can get pretty technical, but we want to explain how it happened. When people upload their contact lists or address books to Facebook, we try to match that data with the contact information of other people on Facebook in order to generate friend recommendations. For example, we don’t want to recommend that people invite contacts to join Facebook if those contacts are already on Facebook; instead, we want to recommend that they invite those contacts to be their friends on Facebook.
Because of the bug, some of the information used to make friend recommendations and reduce the number of invitations we send was inadvertently stored in association with people’s contact information as part of their account on Facebook. As a result, if a person went to download an archive of their Facebook account through our Download Your Information (DYI) tool, they may have been provided with additional email addresses or telephone numbers for their contacts or people with whom they have some connection. This contact information was provided by other people on Facebook and was not necessarily accurate, but was inadvertently included with the contacts of the person using the DYI tool.
After review and confirmation of the bug by our security team, we immediately disabled the DYI tool to fix the problem and were able to turn the tool back on the next day once we were satisfied that the problem had been fixed.
We've concluded that approximately 6 million Facebook users had email addresses or telephone numbers shared. There were other email addresses or telephone numbers included in the downloads, but they were not connected to any Facebook users or even names of individuals. For almost all of the email addresses or telephone numbers impacted, each individual email address or telephone number was only included in a download once or twice. This means, in almost all cases, an email address or telephone number was only exposed to one person. Additionally, no other types of personal or financial information were included and only people on Facebook – not developers or advertisers – have access to the DYI tool.
We currently have no evidence that this bug has been exploited maliciously and we have not received complaints from users or seen anomalous behavior on the tool or site to suggest wrongdoing. Although the practical impact of this bug is likely to be minimal since any email address or phone number that was shared was shared with people who already had some of that contact information anyway, or who had some connection to one another, it's still something we're upset and embarrassed by, and we'll work doubly hard to make sure nothing like this happens again. Your trust is the most important asset we have, and we are committed to improving our safety procedures and keeping your information safe and secure.
We have already notified our regulators in the US, Canada and Europe, and we are in the process of notifying affected users via email.
We appreciate the security researcher's report to our White Hat program, and have paid out a bug bounty to thank him for his efforts.
If you are a security researcher, please review our responsible disclosure policy before reporting any vulnerabilities. If you are not a security researcher, visit the Facebook Security Page for assistance.
If you believe you have found a security vulnerability on Facebook, we encourage you to let us know right away. We will investigate all legitimate reports and do our best to quickly fix the problem.
Responsible Disclosure Policy
If you give us a reasonable time to respond to your report before making any information public and make a good faith effort to avoid privacy violations, destruction of data and interruption or degradation of our service during your research, we will not bring any lawsuit against you or ask law enforcement to investigate you.
Bug Bounty Info
To show our appreciation for our security researchers, we offer a monetary bounty for certain qualifying security bugs. Here is how it works:
To qualify for a bounty, you must:
  • Adhere to our Responsible Disclosure Policy (above)
  • Be the first person to responsibly disclose the bug
  • Report a bug that could compromise the integrity of Facebook user data, circumvent the privacy protections of Facebook user data, or enable access to a system within the Facebook infrastructure, such as:
  • Cross-Site Scripting (XSS)
  • Cross-Site Request Forgery (CSRF/XSRF)
  • Broken Authentication (including Facebook OAuth bugs)
  • Circumvention of our Platform/Privacy permission models
  • Remote Code Execution
  • Privilege Escalation
  • Provisioning Errors
  • Please use a test account instead of a real account when investigating bugs. When you are unable to reproduce a bug with a test account, it is acceptable to use a real account, except for automated testing. Do not interact with other accounts without the consent of their owners.
  • Reside in a country not under any current U.S. Sanctions (e.g., North Korea, Libya, Cuba, etc.)
Our security team will assess each bug to determine if it qualifies.
  • Our minimum reward is $500 USD
  • There is no maximum reward: each bug is awarded a bounty based on its severity and creativity
  • Only 1 bounty per security bug will be awarded
The following bugs are not eligible for a bounty (and we do not
  • recommend testing for these):
  • Security bugs in third-party applications (e.g.,[app_name])
  • Security bugs in third-party websites that integrate with Facebook
  • Denial of Service Vulnerabilities

Cyber attacks a grave threat to Turkish institutions

Public institutions have been exposed to more than 20,000 cyber attacks a day for the past few weeks, Binali Yıldırım, minister of Transportation, Maritime Affairs and Communications, said recently.
Turkey's government tried to handle Cyber attacks launched during the past three weeks as the Gezi Park protests rocked the country, but a lack of sufficient manpower well-trained in countering Cyber attacks is the main obstacle for Turkey to properly fight Cyber threats, experts have said.
Public  institutions have been exposed to more than 20,000 Cyber attacks a day for the past few weeks, Binali Yıldırım, minister of Transportation, Maritime Affairs and Communications, said recently. “We are trying to establish international cooperation to combat the attacks. We eliminated a large portion of the attacks,” the minister added.
In a bid to ensure Cyber security, Turkey has taken some significant steps in the past couple of years. Last year, for example, the Ministry of Transportation, Maritime Affairs and Communications and the Information Security Association prepared Turkey's National Cyber Security Strategy.
The strategy document and the action plan for the years 2013-2014 have just officially came into force with the document's publication in the Official Gazette on June 20. A National Center for Combatting Cyber Threats (USOM) will also be established.
What Turkey urgently needs at this point is people qualified in Cyber technology, given that the topic of Cyber security is not currently taught at more than a few universities in Turkey. “We need a lot of well-trained people," vice-chairman of the Ankara-based Information Security Association Sağıroğlu told Today's Zaman, noting that the country's human resource capacity in this field is still rather moderate compared to the volume of the threat.
The Cyber risk is not a negligible one for Turkey, considering that the level of Cyber threat a country is exposed to is strongly related to the role a country plays in world affairs. “You [as a country] come under as many Cyber threats as you are exposed to military ones,” Ahmet Koltuksuz, of the Department of Computer Engineering at Yaşar University, told Today's Zaman, drawing attention to the high risk the country faces, being geographically situated in a world trouble spot.
Koltuksuz, who is also of the opinion that Turkey has performed well against Cyber attacks in the past weeks, underlined, like Sağıroğlu, that the country urgently needs to develop human resources well-trained to combat Cyber threats. Public awareness must also be raised regarding Cyber threats, he added.
Both experts agree that for Turkey to be able to increase its Cyber security, it not only needs to produce computer software locally, but also some of the hardware. “As long as you import all the hardware, then you can't be sure you are safe against Cyber threats,” Koltuksuz said.
A good number of public institutions came under Cyber attack during the protests, which started in the end of May. Although most of the Cyber attacks were rendered ineffective, the web pages of the Ministry of the Interior, İstanbul's Police Department and that of the Governorate of İstanbul were hacked and the telephone numbers of some police officers were revealed.
The hacking groups Anonymous and Redhack also tried their hands at the presidency's website for 72 hours straight, but they were stopped by a special group formed of the presidency's IT team that directed the hackers to wrong URLs, fooling them into thinking they were attacking the presidency. The presidency has announced that about 70 percent of the attacks came from foreign sources.
As part of efforts to be prepared for Cyber threats, 60 state institutions took part in a Cyber attack drill at the beginning of the year. The drill, called the “Turkish National Cyber Security Exercise,” was coordinated by the Ministry of Transportation, Maritime Affairs and Communications, the Information Technologies and Communications Authority (BTK) and the Scientific and Technological Research Council of Turkey's (TÜBİTAK) Research Center for Advanced Technologies on Informatics and Information Security (BİLGEM).

UK hacking scandal went well beyond media

The phone hacking scandal rocking Britain extends well beyond the media industry to include law firms, debt collectors and other companies, a newspaper said Saturday.
The scandal has already sent shockwaves across the U.K. with revelations that journalists routinely intercepted voicemails, bribed public officials, and hacked into computers in their search for scoops.
The Independent, citing a leaked report from Britain's Serious and Organized Crime Agency and an unnamed person familiar with its content, said that many others were in on the shady practices — including businessmen, attorneys, and debt collectors.
An unclassified summary of the report was published five years ago, but the Independent provided new details about its content, including the allegation that celebrities, businessmen, and an unnamed "major telecommunications company" had hired corrupt private investigators specializing in such practices. The paper didn't give further details or post the report to its website.
The crime agency said it would not comment on the Independent's report.
British police investigating the phone hacking scandal have made scores of arrests, many of them outside the world of journalism.

Exploring Iran’s Hidden Internet

With the first public Internet services available through dial-up in 1995, Iranians had around six years of unfettered, albeit slow, access before governmental regulations began to impose limitations on the availability of content.
Matching a common trend, these initial restrictions sought to block content deemed pornographic and protect the state’s telecommunication monopoly again VOIP services. Within ten years of the introduction of a consumer Internet, early 2006, the Ministry of Information and Communication Technology was already threatening the creation of a “national” Internet, a meme that would haunt freedom of expression advocates ever since.
While a shifting set of government ministries, religious figures and professional associations have promised the end of Google’s reign and the establishment of a more culturally appropriate network, this rhetoric has amounted to little more than one of the most extensive filtering regimes in the world and a public that is remarkably adept a bypassing it.
Rather than assessing the future of Iran’s Internet solely on the rhetoric of politicians, it is possible to begin monitoring the internal infrastructure of the country’s networks to look for clues.
Beginning in September, through a grant from Annenberg’s Iran Media Program, work began to track the evolution of progress of the National Internet Development Agency’s mandated task of implementing local data centers and deployment of home broadband services.
Although it is well known that the international Internet gateways are controlled by semi-state controlled organizations, it became clear that shortly that little is known about technical aspects of such a vital medium.
In a paper posted on the scientific publication repository arXiv, collaborators and I begin to release some of the results of this work by describe the previously unknown and abnormal use of what are designated “private” Internet addresses (IP) for country-wide traffic. While these addresses are normally only used in small settings, such as offices, and not allowed to travel outside local networks, telecommunications companies have allowed them to communicate across the country, whether intentionally or unintentionally, creating a hidden network only reachable inside of Iran.
In our initial study, we set out to prove that this phenomenon applies to a wide section of Internet service providers, and that content exists in this space that is only accessible internally. During the process, we find the private locations of services that the government has fostered to compete with the likes of Google, as well as the networks of several ministries.
While we show that this has been in development for at least two years, and that it does not directly mean that the country will disconnect from the Internet anytime soon, we do end by raising more questions than we answer.
What remains more clear than ever is that Iran’s networks are internally more interesting than it appears from the outside, and that the principles of universal access that we take for granted are increasingly threatened by new means isolate national networks from the global Internet.

Hong Kong Government Issues statement on Edward Snowden

Hong Kong Statement: The HKSAR Govt today (June 23) issued the following statement on Mr. Snowden.
Edward Snowden, the former National Security Agency contractor who exposed secrets about the federal government’s surveillance programs, has reportedly has left for a "third country," the Hong Kong government said Sunday.

Anonymous tattoo collection

Have you seen these awesome Anonymous tattoos? They have been collected from all over the internet and some are huge! This shows how deep the spirit of Anonymous goes.
Sick Anonymous Tatoo

Anonymous with love

This has to be one of the sickest Anonymous tattoo you will see . I did not search for the person with this tattoo - but if you are the owner of the tattoo and you want your name on the website let me know.

Anonymous from the inside

This is one of the Anonymous spirits that can't wait to come out of the spirit world. If you are the owner of this tattoo and you want your name/url/blog listed - leave your contact.

We are Anonymous

If you are the owner of this tattoo and you want your name /url/ blog listed - leave your contact.

Anonymous Suit Tattoo 

If you are the owner of this tattoo and you want your name /url/ blog listed - leave your contact.

Anonymous is Global

If you are the owner of this tattoo and you want your name /url/ blog listed - leave your contact.

China & USA: You give me intell on your cyber attacks & you get Snowden

The government of Hong Kong had released a press release which said that the HKSAR government has formally written to the US Government requesting clarification on earlier reports about the hacking of computer systems in Hong Kong by US government case.

This shows that the field of cyber conflict is expanding towards bargaining cyber intelligence with human lives. The Chinese wanted intelligence on the earlier attacks on the Chinese government. It seems that the United States was not interested in sharing this information as Snowden is again a step ahead towards his freedom. The guardian reports that if Snowden would have stayed in China the US-Chinese relation could have worsened.
HKSAR Snowden

Ex UK intelligence chief : Hacking threat to the UAE, neighbours is real

A former military intelligence supremo from Britain has warned firms in the UAE and its neighbours to be alive to the threat posed to their business by cyber criminals.
Sir Joe French, who in his role as Chief of Defence Intelligence was in charge of co-ordinating intelligence across the UK’s armed forces, says firms of every stripe must now be on their guard.
“I just can’t think that of an aspect of life that isn’t potentially vulnerable,” he warned.
Earlier this month famed ‘hactivist’ collective Anonymous announced it plans to target the global oil industry, and Sir Joe told 7DAYS that the Gulf’s oil installations would likely be a “prime target” for a new breed of hackers. But the threat doesn’t stop there, he explained.
He said: “It is just a part of modern life and given the upset that people want to cause if they have got some sort of grudge against the government then there are all sorts of things that could be done to actually make life very, very difficult.”
He added: “If you take the [road] traffic system you could very easily, if you got into the wrong computers, cause absolute chaos. As for the burgeoning airline industry in this part of the world, it wouldn’t take long to upset the computers there - which would cause chaos among what’s going on. And desalination plants will be something on the list that you want to make sure that you are protecting very adequately.”
Sir Joe was head of Britain’s military intelligence between 2000 and 2003 - at a time when the UK government was making its controversial case to go to war in Iraq. Earlier this year he was appointed to a board of advisors on cyber education by the Defence Services Marketing Council - an organisation for defence firms looking to do business in the Middle East.
Increasingly, around the world, the trend is for key national infrastructure to be run by private companies, he said.
So the Gulf must ensure that government and business share information and expertise in order to minimise the threat of a lapse. And for companies, that means full engagement by their top team.
He said: “It isn’t something you just leave to a functionary - the chief telecoms officer or the chief information officer - the example has to come from the very top.”

Cyberattacks On National Iranian Oil Company

Cyber attackers targeted the Iranian Oil Ministry and its subsidiary, the National Iranian Oil Company, on Friday but their attacks have been repelled, the Mehr News Agency reported on Saturday.
On Friday, “an unknown group launched a series of cyber attacks against the main websites of the Iranian Oil Ministry and the National Iranian Oil Company, which stopped the virtual activities of the main websites of the Iranian Oil Ministry and the National Iranian Oil Company and a number of their affiliated websites,” the report said.  
It added, “Since noon yesterday, the Internet of the workers and managers of parts of the Iranian Oil Ministry and the National Iranian Oil Company has been down, but hackers failed to access confidential and classified information of the Oil Ministry due to the high level of security.”

AnonGhost sets #opBURMA for august 15th 2013

AnonGhost known from the #opUSA, #opIsrael and #opPetrol operations are now setting their minds towards a new operation called #opBURMA.

Myanmar topic

Burmese Government does not consider Rohingya Muslims as citizens and are hated by the Buddhists. Rohingyans have long demanded recognition as an indigenous ethnic group with full citizenship by birthright, claiming a centuries-old lineage in Rakhine. But the Government regards them as illegal immigrants from neighbouring Bangladesh and denies them citizenship.
UN Special Rapporteur on Human Rights in Myanmar, Tomás Ojea Quintana, said at a recent visit to Myanmar, discrimination against the Muslim community, particularly the Rohingyas in Rakhine State, was the root cause of the violence, stressing the need for the authorities to take steps to address “long-standing issues of deprivation of citizenship, freedom of movement, and other fundamental rights” for the Rohingyas.

Even Nobel Prize winner, Aung San Suu Kyi, does not consider Muslims as citizens. Speaking at London School of Economics meeting last week during her visit to the UK, she said Rohingya Muslims should be considered as permanent residents but not as citizens. During a press conference in Downing Street last Thursday, she did not condemn the killings of Rohingya Muslims, instead she said, “Ethnic conflict plaguing the country” should be investigated and “dealt with wisdom.” Eight Muslim pilgrims along with one escort – a Muslim lady – and one helper, were killed in Taungup, at about 3:00pm on June 3 by a gang of hundreds of Buddhist Rakhines, according to a pilgrim who returned from Thandwe after seeing the eight Muslim pilgrims.
The victims were Muslim pilgrims returning to Rangoon in a bus from Thetsa Masjid in Thandwe, southern Arakan, on June 3. “The culprits were celebrating triumph spitting and tossing the wine and alcohol on the dead bodies lying on the road,” said an eye witness.
“These innocent people have been killed like animals,” said Abu Tahay, of the National Democratic Party for Development, which represents the country’s much-persecuted stateless Muslim Rohingya community.
“If the police cannot control the situation, maybe the (unrest) is going to spread,” he said, adding that the biggest fear was for Rakhine state, where there is a large Muslim minority population including the Rohingya.
Meanwhile, Rakhine Buddhists burned down a Rohingya Muslim village – Anauk Pin – in Rathidaung Township on June 9 at about 8:30 am, where 60 houses were burned down. Eight Rakhines and 8 Rohingyas died.
Another Rohingya village – Muzardiya – was also burned down where two Rohingyas were killed. Similarly Rohingya village –Tharapin – was also burned down and most of Rohingya villagers were killed. These villagers are stranded between Rakhines villages and Mayu River.
About 800,000 Rohingya live in Myanmar, according to the UN, which describes them as one of the world’s most persecuted minorities.

AnonGhost has seen no action from Anonymous

AnonGhost said that the Anonymous spirits has showed no real support in #opMyanmar - this is why we need #OpBurma

#opBurma Target List 

AnonGhost has said that they will target everthing and that they will not leave anyone unharmed. 

AnonGhost members that are going to work on the #opBurma operation

Mauritania Attacker - Virusa Worm - SpitFir3 - Deto Beiber - BL4ckc0d1n6 - Dr.SàM!M_008 - Kais Patron - Ian Surgent - M3GAFAB - Gbs Aremiey - Mr Domoz - Tak Dikenal - Chahid inj3ctor - b3ta - AnonxoxTN - Spec Tre - PsyferR - Raka 3r00t - Gh0st_3xp10!t - PirateX - kopra1337 - Bl4ck Jorozz - Riad Spamer - VirUs AsEr AlrOoh - Younes Lmaghribi - Zaky - Joker Inside - AreTheiS

Moroccan Anonymous-Hacker wanted by FBI arrested in Italy

Without guns, without masks or bombs; all he needed is a computer and a keyboard to make up to $ 8 million out of bank hacking. Moroccan hacker known as "The Ghost" Rachid Ibn Al-Yamani, who was arrested in Rome, Italy was deported to the USA at the request of the Federal Bureau of Investigation (FBI) as reported by the Moroccan news outlet Hespress based on the Italian newspaper "La Republica" on Wednesday, May 29 2013.

UAE on high alert for oil-protest hackers

A cyber attack launched against the oil industry has not affected UAE companies, but security experts remain on high alert.
The #OpPetrol campaign was launched on June 20 by hacking-activist group Anonymous.
It claims to be targeting oil companies in Saudi Arabia, Qatar and Kuwait in protest against oil products being traded in US dollars instead of the currency of the country it originates from.
Internet security company Trend Micro said Anonymous had already compromised about 1,000 websites, 35,000 email credentials and more than 100,000 Facebook accounts as a part of the #OpPetrol operation.
Government websites in Kuwait, Qatar, and Saudi Arabia have also been taken offline.
They might be trying to protect themselves and disconnect themselves and that reduces the risk,” said Niraj Mathur, a security practice manager at Gulf Business Machines in Dubai.
“We can’t say if it’s a precaution or they’ve actually been  attacked.”
If companies had been attacked, he added, they were unlikely to publicise it.
Richard Sheng, senior director of enterprise security at Trend Micro Asia Pacific, said the IT threat landscape was evolving.
“Cyber attacks are now targeted, customised and persistent,” he said.
“While hacktivists makes announcements of their attack campaign, most cybercrimes and espionage goes undetected by conventional security controls such as firewall, antivirus or intrusion detection systems.
“Organisations need to assume they will be compromised and redefine their IT security with that mental model.”