There is a debate in the UK whether prisoners should have the right to internet access, including social media sites like Facebook. From that debate comes the following way around normal prison internet security controls:
British prisoners are banned from using social networking sites like Facebook. Britain — unlike many European countries — bars almost all inmates from access to the Internet, except for educational purposes under supervision. But authorities acknowledge that some have used smuggled mobile phones to update their pages, or have gotten friends on the outside to do it for them.
This obviously works at almost any corporate entity too.
Popularity: 36% [?]
According to the NY Daily News:
The Chinese government tapped sixty mothers to form a “Mom jury” tasked with surfing the Web for porn sites that are deemed indecent for young Internet users
In a nod to the Cold War, Mother China is the new Mother Russia.
Popularity: 13% [?]
According to the Wall Street Journal.
Officials at the National Security Agency have been working with Google Inc. to investigate the cyber attacks that Google announced publicly last month, according to people familiar with the investigation.
A Google spokeswoman declined to comment. NSA didn’t immediately respond to requests for comment.
Popularity: 12% [?]
I’m not sure I like it when Governments do this kind of stuff.
On Tuesday, German Finance Minister Wolfgang Schaüble said the government had agreed to buy a CD from an anonymous informant that contains the stolen bank details of up to 1,500 people who are suspected of evading German taxes by stashing their money in Swiss bank accounts.
I will most likely write more on this case through bloginfosec.com.
Popularity: 9% [?]
This story from the NY Times.
Fraudsters used faked e-mail messages to obtain access codes for individual accounts on national registries that are part of the European Emission Trading System, then carried out a number of transactions before they were discovered, according to a number of European authorities.
Popularity: 4% [?]
Social engineering attacks happen in politics as well as information security. This attack should have been prevented. There should have been a system in place to check credentials before being allowed into the building. This is a common practice at most buildings in Manhattan. One needs to be on a list at the front desk and sign in before being allowed to go to the office level.
According to CNN:
The two men were “each dressed in blue denim pants, a blue work shirt, a light green fluorescent vest, a tool belt and a construction-style hard hat when they entered the Hale Boggs Federal Building,” the release noted.
After they entered the building, the two men told a staffer in Landrieu’s office they were telephone repairmen, according to the release and Rayes’ affidavit. They asked for — and were granted — access to the reception desk’s phone system.
When they asked for further access:
A GSA employee then asked for their credentials, and the two men said they left them in their vehicle, the affidavit said.
Popularity: 16% [?]
The January 25, 2010 issue of Newsweek had the following quote that supports the thesis that the Google/China attack is not an isolated attack but a refection of a mindset as I mentioned in my bloginfosec essay.
At the same time, China has been busily developing the world’s most elaborate apparatus devoted to cyber-spying and cyberattacks. Chinese hacking has ramped up over the past few years, directed not only at human-rights organizations, but, importantly, at foreign businesses and governments. Many, if not most, such attacks originate from China; former National Security Agency director William Studeman has called them the “biggest single problem” facing the U.S. national-security establishment. (link here)
I’ve seen hacking attempts from China since mid-2001 so this really isn’t anything new. What’s important to understand is that it’s State sponsored and considered acceptable in Chinese culture. If you’re conducting business in China you’re information security criteria should most likely be more strict than in the US.
[PS - Sign-up for my newsletter, punk!]
Popularity: 11% [?]