Share This

Showing posts with label Hacker. Show all posts
Showing posts with label Hacker. Show all posts

Monday, August 1, 2016

Take precautions on public wifi, hackers are watching you, travellers !


http://www.thestar.com.my/news/nation/2016/08/01/take-precautions-on-public-wifi-cybersecurity-firm-hackers-can-gather-sensitive-data-via-unsecure-co/

KUALA LUMPUR: If you are surfing the Internet on a public Wi-Fi, always assume someone is watching you out there.

Better yet, do not connect to any public Wi-Fi at all, said LE Global Services (LGMS) executive director Fong Choong Fook, whose private cybersecurity firm employs hackers to test the network security of the country’s major banks.

“I would never use a public Wi-Fi,” he said.

“Even an IT person may not be able to tell if the access point he is connected to is safe or if the activities are being watched.

“There may be signs like your Internet is slowing down but hackers can make it so elegant that you won’t even notice,” he said in an interview.

Malaysia’s national cybersecurity agency CyberSecurity Malaysia (CSM) said hackers could position themselves between a person’s device and the Wi-Fi router and are able to record sensitive data that the surfer is keying into his device.

Hackers can also “create” their own Wi-Fi and trick people into thinking they are connected to a credible public access point like the one from a restaurant, airport or office – when in actual fact these devices are connected to the criminals’ hardware.

Thus, they would be able to remotely watch everything a person is sending out on the Wi-Fi like passwords, e-mails or credit card information.

As frightening as these attacks may sound, Fong said this had been going as early as the 1990s.

Demonstrating to The Star how a hacker could steal information, LGMS set up an “evil twin” Wi-Fi using a laptop and named it after a famous franchise restaurant just below its office in Puchong, Selangor.

Fong connected two devices to this Wi-Fi and proceeded to log into social media, e-mail and Government websites.

Within seconds of logging in, the hacker’s computer began recording the activities in both devices in the experiment – recording every e-mail address, username and password that was keyed in.

Though the demonstration was only meant for the devices in the controlled environment of the LGMS office, three other users got connected to the dummy Wi-Fi, thinking they were linked to the franchise restaurant’s Internet, during the experiment.

“Hackers can target one specific person or they can target everyone in a cafe to get their devices to send all their data through their dummy Wi-Fi

“When they have your information, they can steal your identity. They can pose as you on Facebook, or send out e-mails to your contacts under your account,” he said.

Fong advised users to avoid connecting to public Wi-Fi or to only limit their browsing to Internet searches if they must connect to one.

The firm also suggested users to subscribe to VPN (virtual private network) technologies to secure their traffic.

VPN encrypts data on devices, making it hard for hackers to spy on the user’s online activities. Most VPNs are available on a subscription basis, much like an anti-virus programme.

So far this year, CSM has recorded eight instances where private Wi-Fi networks were hacked and 1,462 cases of online intrusions have been reported, which is nearly double the number of incidents compared to the same period in 2015.

It advised users to keep their Internet browsers up to date and to disable the feature which automatically saves password in the cache –as it makes it easier for criminals to steal.

by Nicholas Cheng The Star/Asia News Network

82% of travellers would use public Wi-Fi



KUALA LUMPUR: You are on a holiday in a foreign country. Naturally, you want to upload pictures to your Facebook or send messages to your friends back home or trawl the Internet for places to visit.

Chances are there is no Internet data connection where you are and you would search for whatever free Wi-Fi there is at the airport, hotel or cafe to stay connected.

An estimated 82% of travellers would choose to connect with unsecured public Wi-Fi, a practice which could up risks of cyberattacks, said Kasper­sky Lab.

The cybersecurity company surveyed 11,850 people worldwide and found that people on holiday would be carefree when it comes to their personal data protection.

The study found that 42% of travellers said they were less likely to care about the credibility of the Wi-Fi when they were on holiday compared to on business travels.

A third (33%) admitted to visiting websites of sensitive nature using foreign Wi-Fi, while almost half of the respondents conducted online banking (48%), shopped online (46%) and made private calls (35%) when they were abroad.

In a separate study, it found that at least 22% of travellers who conducted transactions online had experienced money loss while 8% had had a credit card compromised while in a foreign country.

Most of the time, victims do not even know they are being watched.

CSM advised users to keep an eye on their devices’ firewall alerts. Any trigger may indicate that a third party may be trying to access their devices illegally.

A report by MasterCard estimates that 10.9 million Malaysians travelled for overseas holidays in 2014, with the numbers expecting to hit 15.2 million by 2020.

The Kaspersky study also found that people were more likely to throw caution to the wind while on holiday with respondents saying they were 18% more likely to let strangers handle their smartphones to take pictures, 28% more likely to leave their devices unsupervised, 18% more likely to contact strangers online and 6% more likely to engage in “sexting”.

Related posts:


Jun 14, 2012 ... Hackers may cause Internet users to become victims of Evidence Act ... According to Cybersecurity Malaysia, an average of eight personal accounts ... special devices in the market that enabled anyone to “sniff” WiFi networks.


Dec 21, 2014 ... 2014 has seen a tsunami of epic hacks and identity thefts, including the ... said the prominent data leaks of 2014 would keep cyber security in ...

Friday, March 25, 2016

Chinese hacker pleads guilty, deserves respect whether guilty or innocent


A Chinese national named Su Bin pleaded guilty in the US on Wednesday to conspiring to hack into the computer networks of several major US defense contractors to obtain sensitive information, according to a US Department of Justice statement. The information allegedly includes technical files about F-22 and F-35 fighter jets and C-17 military transport aircraft.

The statement says "Su Bin admitted to playing an important role in a conspiracy, originating in China," where he has two accomplices. Some US media have conjectured that the two accomplices must be Chinese military personnel.

Su was arrested in Canada in July 2014, and was handed over to the US this February. The Chinese government has denied any involvement in Su's case, and the Chinese Ministry of Foreign Affairs has asked the US to ensure the privacy and legal rights of Chinese citizens on US soil.

Plea bargaining is a common US judicial practice. Defendants can plead guilty in exchange for softer punishments. The disadvantage of this practice is that it is hard to know what the defendants truly think, and whether there might be any wrongs in the judgments.

Every country is gathering intelligence. The largest and most well-known information-collecting agencies are the CIA and FBI in the US. The FBI has even listed China as their top target. Recent years have seen the FBI arresting quite a few "Chinese spies," but most of them proved to be innocent. In the meantime, China has kept a low profile in reporting the exposure of US spies out of various considerations.

In most cases, governments won't acknowledge these spies after they have been caught. For example, whenever China intercepted spies from Western countries, the governments they served routinely denied any connection and even mobilized the Western media to attack China's human rights and win over sympathy.

We have no reliable source to identify whether Su has stolen these secrets and transferred them to the Chinese government. If he has, we are willing to show our gratitude and respect for his service to our country. On the secret battlefield without gunpowder, China needs special agents to gather secrets from the US. As for Su, be he recruited by the Chinese government or driven by economic benefits, we should give him credit for what he is doing for the country.

If Su was wronged and forced to plead guilty, he should have our sympathy. As the "war of information" between China and the US continues, there will probably be more Chinese framed as spies and jailed in the US. This is a tragedy of the times, and we hope the Chinese working in sensitive professions in the US can protect themselves.

At the helm of international public discourse, the US is able to define whether certain activities are espionage or not. When US espionage is exposed, the US media will try to divert public attention and tone down the case. But when the CIA or FBI catches suspects, hyperbole about these cases makes headlines in US media.

The most infamous case is that of Edward Snowden, who revealed the global US surveillance program PRISM. The whistleblower is wanted by the US government, which refuses to reflect on its behavior, but keeps criticizing China for espionage without solid proof.

China lags behind the US in technology. The existence of US cyberspace military forces is openly known to the public, and its capability is way higher than Chinese "hackers." But it doesn't mean that China cannot fight back in the face of ill-founded US accusations of Chinese spies. China should uncover Washington's brazen hypocrisy with concrete evidence. - Global Times

Related posts:
 
Jun 23, 2013 ... Revelations about PRISM, a US government program that harvests data on the ... against the US Internet surveillance program of the NSA, PRISM, .... US Spy Snowden Says U.S. Hacking China Since 2009 ... Labels: civil liberties , Computer hackers , Cyber Attacks , Edward Snowden , Espionage , FBI ...

May 21, 2014 ... Documents leaked by former Central Intelligence Agency contractor Edward Snowden detailed the National Security Agency's (NSA) ...

May 20, 2014 ... After the Prism program leaked by Edward Snowden, the United States was accused by the whole world. However, it has never made ...
Oct 31, 2013 ... ... intelligence whistleblower Edward Snowden.A top secret map dated August 13 , 2010 lists nearly a hundred surveillance facilities worldwide, ...


Jun 4, 2014 ... In June 2013, Edward Snowden, a former US National Security Bureau contractor, revealed US intelligence agencies were conducting ...
May 22, 2014 ... ... charging five Chinese nationals of alleged commercial espionage, citing Edward Snowden's revelations of US spying operations worldwide.

A spokesperson for China's State Internet Information Office on Monday published the latest data of U.S. cyber attack, saying that Chinese... 


As the most notorious surveillance country, the U.S. indictment of Chinese military officers seems almost insolent in a world still reeli...

Sunday, November 6, 2011

Malaysian hacker jailed in US


By JOSEPH KAOS Jr  joekaosjr@thestar.com.my

WASHINGTON: A US District judge sentenced a Malaysian to 10 years in prison for hacking into the US Federal Reserve and other banks.
United States - Federal Reserve System
Lin Mun Poo, a Malaysian citizen, had admitted earlier this year to hacking into the US central bank, various private financial institutions and possessing stolen bank card and credit card numbers, officials said.

According to AFP, he also admitted to hacking into a Fed computer server and installing a malicious software code there.

Lin, who is from Ipoh, travelled to the United States in October last year “for the purpose of selling stolen credit card and bank card numbers” but a purchaser was in fact an undercover US agent, according to prosecutors.

When he was arrested, Lin held over 122,000 stolen bank card and credit card numbers.

The US Justice Department said Lin's “cybercrime activities also extended to the national security sector”, including hacking into the computer system of a Pentagon contractor that provides systems management services for military transport and other military operations.



“Today's sentence sends the message to hackers around the world that the United States is no place to conduct their business,” US Attorney Loretta Lynch said in a statement on Friday.

Dhillon Andrew Kannabhiran, founder and chief executive officer of hackers community Hack in The Box, said the stiff 10-year sentence was meant to deter hackers from hacking into government networks.

“Details of the case are not clear to me, but you can argue that 10 years for computer crime is harsh by any standards,” Dhillon told The Star.

“It's definitely a sentence which is meant to send a message.”

Dhillon said the hacker was “asking for trouble”.

Hacking is a tool. Just like a knife can be used by a chef to prepare a meal or to stab someone. It is your motives that sets you apart. People who use their skills to commit financial fraud are not hackers, but just criminals,” he said.

Lin, according to a fellow hacker, deserved his punishment.

“Most hackers have the skills to breach a computer security system. But once you use your skills for malice, then you have committed a crime,” said a computer security consultant who wished to be identified as Sam.

“If you are caught, you deserve to be punished like any other criminal.”

Sam said most people with hacking expertise, like himself, were hired by companies to “test” their computer security system.

“Most of us use our skills to make a decent, legitimate living.”

 Related post: 

Tuesday, June 28, 2011

The new anarchists - Are Hackers The 21st Century’s First Revolutionary Movement?






Hackers’ efforts to fight the power may lead to a backlash


Peter Steiner’s now famous cartoon for the New Yorker, “On the Internet, nobody knows you’re a dog,” first appeared in 1993 but didn’t, according to the artist, receive much attention until the Internet became more familiar to people. It was a rare instance of a cartoon doing what it’s not supposed to do, gaining relevance over time as people understand just how pithily it captured an essential truth. This, surely, elevates it to one of the most important cartoons in history (Steiner told the New York Times in 2000 that he felt a little like the person who invented the smiley face).

History has shown Steiner’s vision to be much too benign, and the cyber events of the past year — hacking and theft on the scale of 18th-century piracy — demand an update, perhaps along the lines of, “On the Internet, no one knows you’re China.” But even that may have been spoiled after the events of this week, which saw the appearance of an alliance between two groups of clandestine hackers, Anonymous and LulzSec, both of which have been implicated in numerous high profile security breaches.

In a statement announcing “Operation Anti-Security,” LulzSec declared that “the government and white hat security terrorists across the world continue to dominate and control our Internet ocean … we encourage any vessel, large or small, to open fire on any government or agency that crosses their path.”



This was accompanied by “an open letter to citizens of the United States of America” on Anonymous’ news site, which sounded uncannily tea party-ish in its call on Americans to “wake up” and take back their liberties from a corrupt government.

To judge from the reaction of some information security experts, the alliance was on the scale of Germany teaming up with Japan during World War II. Except by the end of the week, LulzSec was apparently calling it quits, alarmed, perhaps, by the arrest of an alleged member in Britain and the attempts by other hackers to expose their identities.

With subterfuge as the name of the info-war game, the virtual equivalent of smoke and mirrors makes it difficult to say what’s true and what might be misdirection, especially with organizations that are leaderless and decentralized. But here’s the upshot of this recent cycle of cyber shenanigans: On the Internet, one person’s freedom fighter is another’s terrorist.

Technological prowess has given hackers an extraordinary sense of political entitlement. It’s easy to theorize about how the world should work if your only engagement with it is through a computer and you’re in your teens or 20s. But weaponize your theories through hacking and you’re all but certain to lose the public, who will demand ever more stringent crackdowns and restrictive laws that, in turn, will push some hackers to even more extreme responses.

At the same time, the hacker collectives do possess a technological prowess that is beyond the imagining of most people, and with a deep understanding of how technology works, there is the privilege of insight. The explosive development of the Web raises serious, complex questions about ownership, privacy and freedom. And if these are ignored by politicians, or dominated by commercial interests, or dismissed by a mainstream media averse to complexity, then hacker frustrations will turn to direct action as a way of getting attention.

This is, after all, what non-governmental organizations and other advocacy groups do on a much more limited scale to promote their interests. (Still, it’s one thing to disrupt traffic with a protest march; it’s another to disrupt Internet traffic with a denial-of-service attack.)

The question is what kind of politics is this technology empowering? If you don’t acknowledge genuine concerns or even good faith in the info security community, if government is irredeemably corrupt, then you haven’t just abandoned politics, you’re anti-political; all that’s left is a war of attrition.

Oddly, the most useful insights on hacker culture may come from a re-engagement with the politics of anarchism, as noted in a review of new books on the subject in the summer issue of BookForum by Columbia historian Mark Mazower. While Mazower makes a mistake, in my view, in seeing revolutionary politics as still being mediated through academic leftism rather than through technology, his point — that the anarchist theories of the 19th century are more relevant than Marx to explain the present political conditions — is timely.

Anarchism’s combination of individual commitment, ethical universalism and deep suspicion of the state as a political actor mark it out as the ideology of our times,” writes Mazower, before ending his piece with the claim that “we are all anarchists now.”

But we’re not. We are disenfranchised because today’s anarchism belongs to the hackers — and they have the means to make much better bombs. Whether the alliance between LulzSec and Anonymous was ever real or not, it defines the new ideological reality of our times: the network as an emerging anarchic state actor. Whether we like it or not, this politics of technology forces us toward libertarianism, to maximal freedom, because the alternatives — anarchy and control — are dancing toward disaster.

Newscribe : get free news in real time