May 31 2011
 

Article source: http://www.computerworlduk.com/news/security/3283016/cyber-weapons-are-integral-part-of-the-uks-armoury-says-defence-minister/

Posted at 9:28 pm
May 31 2011
 

Some of the instruments for fighting cybercrime on display at the UCD Cybercrime Unit, where project 2Centre will be based

Twenty jobs are being created at a new project in UCD aimed at tackling international cybercrime.

The 2Centre project is a collaborative effort involving Irish and French academics and industries, the Gardaí and other police forces around Europe, and the European Commission.

2Centre will operate as part of the existing UCD Centre for Cybercrime Investigation, which was established in 2006, and staff at the unit will lead and manage the project, while a similar project will operate at a university in France. The centre at UCD has already trained members of Europol and Interpol in cybercrime investigation.

Justice Minister Alan Shatter says that UCD and the Gardaí have been involved in training over 1,000 police officers from cybercrime units around the world, and that the 2Centre project aims to develop advanced training, including the development of forensic software tools.

The Department of Justice is currently preparing a Criminal Justice Cybercrime Bill, which will create a range of offences relating to information systems and data, including hacking a system and accessing data.

Article source: http://www.thejournal.ie/new-cybercrime-fighting-centre-opens-in-dublin-146550-May2011/

Posted at 9:28 pm
May 31 2011
 

The European Commission’s first scoreboard for issues related to its digital ambitions shows that while “progress is good” overall, some areas including copyright and cybercrime still need more work, the 27-nation bloc’s executive arm said Tuesday.

“There is still considerable room for development for on-demand services and online music subscriptions, which for the moment find significant markets only in the largest European countries,” a statement from EU Commissioner for the digital agenda Neelie Kroes said, with more action necessary to unlock the EU’s digital content market.

Kroes’ peer, internal markets commissioner Michel Barnier, said last week his services are reviewing the bloc’s copyright rules. Currently, rights for music, films and other works are licensed mainly on a national basis, but the Internet has fundamentally changed the way they are bought and sold.

In terms of the regulatory landscape for the telecoms industry, more EU member states are due to auction the spectrum made available by the switchover to digital TV, to be used for services including 4G mobile telecoms. Austria, the Czech Republic, Denmark, France, Ireland, Italy, Spain and the U.K. are expected to conduct this procedure either later this year or in 2012. Mobile broadband is increasing in popularity, with coverage of third generation mobile networks reaching 90% last year.

In contrast, take-up of fixed broadband is still increasing, but the growth rate in 2010 was the lowest since 2002, the commission said. “The slowdown in growth is of concern, as currently close to 40% of households still have no broadband connection,” it added.

Kroes also said her agenda includes setting up a European cybercrime platform, the feasibility of a European cybercrime center, and the modernization of the European Network and Information Security Agency, ENISA, in order to tackle online crime.

“Overall, progress is good,” on the scoreboard, with 11 of the 101 actions set out by the EU completed (two ahead of schedule), 84 “largely on track,” and 6 actions due to be delivered last year delayed.

- By Frances Robinson, Dow Jones Newswires; +32 2 741 1486; frances.robinson@dowjones.com

Copyright © 2011 Dow Jones Newswires

Article source: http://www.foxbusiness.com/industries/2011/05/31/euprogress-digital-issues-goodcopyrightcybercrime-need-work/

Posted at 9:27 pm
May 31 2011
 

I’ve been reading the excellent Emma Jones of Enterprise Nation and her ideas on what to put in a business plan, as quoted on the BusinessZone website. A few years ago I anglicised/co-wrote the book, “Business Plan in a Day”, so I have some opinions on this.

I should stress that Jones’ piece is effectively a flier for a course and works very well as such; she was also presumably given a much lower word limit than I have here so it’s a very different piece from any I’d write. So here are her points in bold, my comments in plain text and then some points of my own.

Idea: Obviously you need a business idea but don’t get too hung up on the idea of originality. Two years ago when I was first helping to judge the Nectar Business Awards I had a mail from someone angered by the eventual winner having taken his business idea from an American company.

We didn’t care.

Sainsbury’s is not, as far as I’m aware, the first supermarket (unless of course I’ve picked the one that actually is). It would take a complete idiot, though, to dismiss it as an also-ran because of this. Likewise Apple wasn’t the first computer company nor the first MP3 player maker. You get the idea – a solid idea done well is fine, you don’t need to be a pioneer (in fact pioneers tend to be the ones to get shot at).

Market: Jones is keen that you should establish who your customers and competition actually are. This is essential of course. More importantly you need to establish market norms and how you’re going to stand out. Say you’re opening an Indian Takeaway near where I live. The first thing you need to know is that unless you deliver to people’s doors you’re as good as dead.  Next you need to understand how many restaurants there are nearby and the sort of quality and price on offer. Then you need to look at how the other restaurants are performing to see whether there’s actually room for another or whether the market is already saturated. Then talk to passers-by – literally, stand there with a clipboard and see whether there’s much knowledge of Indian cuisine, whether there’s room for a particular region’s offerings. Go into it having an idea of your customer and whether they will buy from you.

Operations: This is the part about how to deliver and market the idea. You also need a good idea of what you’ll do when things don’t go so well for a customer.

Financials: Jones takes this really basic and suggests you need more income than outgoings (of course) and that you need to think about whether you need any start-up money.

I’d go further than she has space to explain and suggest you go through a few years’ cash flow, month by month. Work out how much you’re going to pay yourself (and be realistic – “I won’t take any money for three years while I’m establishing the company” sounds great but you need to keep yourself motivated). Revisit this monthly cash flow chart frequently – a couple of off-target months could be your first sign you’re heading for trouble.

Friends: Emma Jones suggests you need a support network which is right. She suggests this should be made up of “friends” which isn’t such a good idea unless they’re going to be critical friends. Your mates are never going to tell you that your idea for a website all about earwigs is a sure-fire loser, they won’t want to hurt you. An accountant, a bank manager, some other mentor you might know, will be able to offer more forthright feedback.

I’d add from my own experience that you need to plan for a management structure – identify who’s doing what and look for any gaps you might have (like a finance director if you’re rubbish at figures, or a salesperson if you’re timid when it comes to closing the sale) – and account for how you’re going to fill that gap.

Make a checklist of things you need and cost it. Logos, letterheads and websites don’t happen by accident or free of charge but the costs are easy to ascertain by phoning around a bit.

Consider the status of your business. Tomorrow I’ll blog about the advantages of sole trader, partnership, limited liability partnership and limited company – be aware of the implications for each. Consider registering for VAT early on; you can do so voluntarily and you’ll save money initially although you might feel you’re piling on the paperwork. If you opt to register when it’s compulsory consider whether you’re going to increase prices to cover it – businesses won’t care as they get their VAT back, consumers will resent a 20% hike.

Finally ask yourself what your business plan is for. If it’s just for you and to check you’re on target then that’s fine – follow Jones’ plans and you should be OK. If it’s something you want to show potential recruits then you might need to reshape it a little so it reflects where the business is going and how exciting it’s going to be. For the bank, if you’re after a loan, you’ll need to show you’ve assessed many risks and understand the pitfalls so any loan is as safe as you can ensure; for an investor wanting a return the cash flow had better show best-case growth so you can tell them how profitable their investment could be if it all comes off. On the other hand one of the best pieces of advice I ever picked up from reading Twitter at random was that a lot of businesses come unstuck because they’re too focused on the payback and final sale of the company, losing sight of supplying an excellent product or service beforehand.

Oh, and remember circumstances can change rapidly. A business plan needn’t be fixed forever – if there’s an economic upswing or downturn, if there’s any unexpected circumstance, don’t be afraid to rewrite it.

Guy Clapperton



Article source: http://feedproxy.google.com/~r/Bizgene/~3/fcgiueUYZeM/

Posted at 9:27 pm
May 31 2011
 

Messages are beginning to spread across Facebook, tricking users into clicking on links which claim to point to the world’s funniest condom commercial.

The messages are spreading through a clickjacking scam (sometimes known as likejacking) which means that users do not realise that they are invisibly pressing that they “Like” the video when they try to play it.

A typical message looks something like the following (the actual link can change):


The World Funniest Condom Commercial – LOL
[LINK]
haha its really so funny ~ Dont Miss it !

The scam appears to be being perpetrated by the same gang who have been successfully spreading a “Baby born amazing effect” scam over the last several days.

Clicking on the links, which so far appear to all be hosted on blogspot.com, takes users to a webpage which urges visitors to click to watch the video.

The pages have the headline “The Funniest Condom Commercial”:

Click further at your own discretion – because the clickjacking scam is about to play its part in the scheme. If you try to play the video then you will be unwittingly saying that you “Like” the link, and sharing it with your friends. In this way the link spreads virally across Facebook.

By the way, there is a condom commercial shown at the end of this whole process, but the Argentinian TV advert is available for free on YouTube meaning that there was a way of viewing it which didn’t involve helping the scammers spread their link across the Facebook social network. (Oh, and the video is not that funny).

As regular readers of Sophos’s Facebook page will know, scams like this have been seen on far too many occasions.

Recently announced new Facebook security features were supposed to provide protection against clickjacking/likejacking schemes like this – but once again have unfortunately proven to be ineffectual.

If you were running anti-clickjacking protection, such as the NoScript add-on for Firefox, then you would see a warning message about the attempted clickjacking:

Here’s how you can clean up your Facebook page.

Find the offending message on your Facebook page, and select “Remove post and unlike”. You could also choose to mark it as spam to alert Facebook’s security team.


Unfortunately that doesn’t completely remove the connection between the mischievous link and your Facebook page. You also need to go into your profile, choose Activities and Interests and remove any pages that you don’t want to “Like”.


Of course, attacks like this would find it much harder to spread if folks were much more careful about the links they clicked on when using Facebook – and if Facebook’s in-built security was more effective at stopping clickjacking attacks.

If you’re on Facebook and want to learn more about spam, malware, scams and other threats, you should join the Sophos Facebook page where we have a thriving community of over 80,000 people.

Hat-tip: Thanks to Naked Security reader Josh for first giving us a heads-up about this clickjacking scam spreading on Facebook

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/L_XW_D8vcyI/

May 31 2011
 

One of the world’s most notorious spammers faces jail after admitting that he had sex with under-age girls.

Spam overlord Leonid “Leo” Kuvayev is not facing any computer-related charges at Savyolovsky District Court in Moscow, but is instead answering accusations that he sexually molested girls as young as 13 years of age in the basement of one of his businesses in Leningrad.

Kuvayev has long been a name known to the spam-fighting community, believed to be responsible – amongst other things – for billions of spams related to counterfeit drugs, promoting sites like the Pharmacy Express:


Investigators claim that 38-year-old Kuvayev, who holds dual Russian-American citizenship, committed at least 60 separate sex crimes, luring some of his young victims away from local orphanages and children’s homes.

According to media reports, Kuvayev admitted his partial guilt, but claimed that the girls had consented to have sex with him.

According to a Moscow News report, when police searched Leonid Kuvayev’s offices they found a room containing a shower, sauna, jacuzzi and large bed. Sex toys, a whip and handcuffs were also seized.

Reports indicate that Kuvayev could face up to 20 years in prison for each offence.

I guess it’s always good to hear about a spammer being put out of business once and for all. Frankly, I won’t be shedding any tears when Kuvayev is sentenced.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/3CzcvviyNbo/

May 31 2011
 

Mac OS X malware is being spread by sick messages spreading virally across Facebook, claiming to be a video of controversial IMF boss Dominique Strauss-Kahn.

The fake anti-virus attack first appears in your timeline as a message apparently posted by one of your friends.


oh shit, one more really freaky video O_O

IMF boss Dominique Strauss-Kahn Exclusive Rape Video – Black lady under attack!
[LINK]
IMF chief Dominique Strauss-Kahn rape scandal. Mother of Alleged Rape Victim: Dominique Strauss-Kahn Did Not Want To Be President of France – ABC News

(I have obscured the image used in the message in case it causes offence).

The message’s text refers to the news story of IMF chief Dominique Strauss-Kahn, who is facing charges in New York over allegations that he tried to rape a hotel maid.

In terms of sick headlines to entrap users, this one ranks right up there. It’s been, of course, a very big news story – and many people have been following the case with interest. And that probably explains why the hackers have used the promise of a video as bait.

Clicking on the link takes you to a webpage, which appears to consist of a still from a sex movie. However, when I visited the page on my Apple Mac I was rapidly redirected to a “Mac Defender”-style fake anti-virus attack, written specifically with the intention of infecting my computer.


Sophos Anti-Virus for Mac intercepted the attack as OSX/FakeAVZp-C.

What’s interesting is that up until now we have mostly seen these fake anti-virus attacks target Mac users by poisoning search engine results. But now we are seeing them being distributed by viral Facebook spam campaigns as well.


It’s probably not too difficult to put yourself in the shoes of a computer user who knows that they are possibly about to watch a seedy video, only to find themselves facing a screen warning them of numerous security threats.

In many ways this is a genius piece of social engineering to frighten unsuspecting Mac users into installing the software and handing over their credit card details.

It’s just a shame that Facebook’s own security systems are currently failing to stop these links from spreading.

Download Sophos’s free anti-virus for Mac home users. It’s automatically updated to protect against the latest threats. Another step you should take is changing the default settings on Safari – it’s not a complete defence, but it can help a little.

And if you’re on Facebook and want to learn more about spam, malware, scams and other threats, you should join the Sophos Facebook page where we have a thriving community of over 80,000 people.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/4qLvg7p9ors/

May 31 2011
 

The British public needs to snap out of its complacency about cybercrime or risk becoming victim to increasingly sophisticated criminal networks that are operating online, the head of the country’s e-crime unit has warned.

Janet Williams, who takes the lead on cybercrime at the Association of Chief Police Officers, said people seemed to think that being technophobic was quaint and slightly comical.

She was drumming into her detectives that this was no longer acceptable and that the public needed to change its way of thinking too, she said.

“What worries me is that people still think of cybercrime and cyber-attacks as being a little bit like maths. If you go to a dinner party, someone might say that they don’t really get maths and everyone laughs and titters.

“Not being able to understand it is the equivalent of not being able to read.

“It is unacceptable now and on that basis I have been saying to detectives that if they don’t understand what is happening with cybercrime then they shouldn’t be a detective. I really mean that.”

Williams added: “Most of my working life has been in CID and counter-terrorism. I don’t think that in the future detectives will be equipped to be able to deal with these things if they don’t understand the nature of cybercrime and I think that multinational organisations, public and private organisations, need to ensure that they understand the threats to their organisation.”

Asked whether she thought the public also needed to make more effort to understand the dangers, she replied: “Absolutely.”

Williams, one of the most senior officers at Scotland Yard, said business leaders should be ensuring that their firms were properly protected against the theft of valuable intellectual property. “Chief executive officers need to be personally reassured the controls and protections are in place. Intellectual property rights are very important to the UK.”

She said she was particularly concerned that industry and universities had not completely understood the new landscape. “[They] need to think it through. I don’t think there is sufficient appreciation of the risks,” she said.

Williams has set up a “cyber flying squad” based at Scotland Yard, and said her team of 35 detectives and specialists were having significant success.

But she conceded that she needed the help of some of the biggest multinational corporations. Most had sophisticated cyber defences and the ability to track criminals around the world. In many cases, she said, “their intelligence systems are better than ours”.

Williams has asked the Home Office to consider pressing for changes to the system of commission rogatoires – the letters of request for legal or judicial assistance sent by one country to another.

With online criminals able to move across borders in the blink of an eye, police have found that the traditional ways of seeking assistance from other countries are outdated.

“We have made recommendations to the Home Office,” Williams said. “We have outlined the nature of the problem. But it is up to them to find a solution.”

During last week’s visit by the US president, Barack Obama, the UK ratified the Budapest convention on cybercrime, which should speed up investigations in some European countries and the US.

Reliable figures about the scale of crime online are difficult to assess, but GCHQ, the government communications headquarters at Cheltenham, estimates that “a figure well into billions” is credible.

One study earlier this year estimated that cybercrime costs the UK more than £27bn a year.

Police know of hundreds of hacking forums, on which thousands of stolen UK credit card details are available for sale for as little as £1.50.

Whitehall officials said that there was a “noticeable spike” in the use of such forums on Friday and Saturday nights, possibly because people returning home from an evening out might have their guard down and were surfing sites they would otherwise ignore.

Article source: http://www.guardian.co.uk/technology/2011/may/31/cybercrime-online-security-police-warning

Posted at 9:27 pm
May 31 2011
 

The day of the balaclava-shrouded, gun-wielding burglar seems to be coming to an end. Especially when you consider that the modern thief can steal an estimated $200 million from New Zealanders from the comfort of their own home – all thanks to the ever-evolving world of cyber crime.

It’s a cushy lifestyle for the 21st century crook. Set up shop with any “prepay” cellphone, computer and an internet connection (set up under a false or stolen identity) and you’re in business. Your chosen profession is made all the more simple by the abundance of New Zealand internet users who divulge personal information, passwords and bank account details through a barrage of common mistakes.

The advent and speedy adoption of social networking sites has provided a raft of positive opportunities for both those seeking to connect with friends and those who want to steal your identity – one of the fastest growing areas of cyber crime.

When participating in online social networking it’s important to educate yourself on the security settings of these sites (usually found in the “help” menu of the website). Most sites default to a “public” view of your profile when you first set up an account.

This means that everything you post (your name, date of birth, address, job history, etc) is available for anyone and everyone to view – all the information a virtual villain needs to steal your identity.

To ensure only those you trust can access detailed information about you, make sure that your profile is set up to only display information to “friends” you have approved.

Furthermore, don’t feel obligated to provide all the information these social networking sites request.

As a rule, I never post my address, full date of birth (I usually only post the day and month, not the year), full work/education history, email address or phone number on my social networking profiles.

My theory is that if people want this type of information, they can ask me for it – giving me an opportunity to assess whether I think they are trustworthy.

I also make it a rule not to add people to my online social network (e.g. become Facebook friends, etc) until I have met them in person.

Indiscriminately adding “friends” provides the perfect opportunity for undesirable people to not only access your details, but also have leverage to access those of your “real life friends”. Be selective about who you let connect with you online.

It is also important to select social networking site passwords that have less emphasis on being easy to remember and more emphasis on being hard to guess. Avoid using details from your life (e.g. your birthday, that of your child, your dog’s name, etc) as a password, as cyber criminals know most people do this and find accessing this information simple.

Also, “Guesser” software, used to hack passwords, will easily dodge security that relies on passwords such as: “password”, “letmein,” “temp,” “123456,” etc. A good password selection tip is to take an easy to remember sentence and turn it into a password. Something like “The itsy bitsy spider went up” might become “tibsWENTup”.

The most effective tools cyber swindlers have are your naivety, greed, pride and good nature. Putting them out of business simply means getting educated and curbing those natural tendencies we all have to look for the quick buck, boast to others (e.g. on social networking profiles) or too readily help those who seem in need.

For more information on protecting yourself from Cyber Crime, please go to: www.consumeraffairs.govt.nz/scamwatch.

Wendy Schollum is a web strategist and Managing Director of Xplore.net Solutions Ltd. If you have a web related question you would like Wendy to answer, please email support@xplore.net, call 0800 100 900 or post to: Xplore.net, PO Box 907, Napier.

Article source: http://www.hawkesbaytoday.co.nz/business/news/wendy-schollum-act-smart-online-to-help-foil-cyber/3953903/

Posted at 9:21 am