Showing posts sorted by relevance for query cyber criminal. Sort by date Show all posts
Showing posts sorted by relevance for query cyber criminal. Sort by date Show all posts

EU Opens The Door of European Cybercrime Centre (EC3) To Protect Europe From Cyber Threat

Posted by Avik Sarkar On 1/13/2013 05:51:00 pm

EU Opens The Door of European Cybercrime Centre (EC3) To Protect Europe From Cyber Threat

We all are aware of FBI's Internet Crime Complaint Center also known as IC3, which is protecting U.S. citizen from cyber criminals and attacks. But the cyber world is not limited to U.S. so as cyber criminals, and to get rid of this and while protecting every countries digital fence safe and secure there need to be organizations like IC3. All the growing and developing countries across the globe are in rush to ensue maximum digital and cyber security. This same rush and impact also applies for Europe countries and the result is in front of us. As the fight against cyber crime in Europe has got a new home. The European Cybercrime Centre (EC3) officially open its doors from this January 11, at the European Police Office, Europol in the Hague. In the middle of last year European Commission declared that are preparing a cybercrime center to fight against cyber threats. And after an effort of six months they made it possible and live for the people of Europe. Such organization will surely enhance the cyber security of European countries.  In the official press release EUROPA said "EC3 will be up and running to help protect European citizens and businesses from cyber-crime." 

EC3 officially commenced its activities on 1 January 2013 with a mandate to tackle the following areas of cybercrime: 
  • That committed by organised groups to generate large criminal profits such as online fraud
  • That which causes serious harm to the victim such as online child sexual exploitation
  • That which affects critical infrastructure and information systems in the European Union

According to the press release of European Commission - "The Cybercrime Centre will give a strong boost to the EU's capacity to fight cybercrime and defend an internet that is free, open and secure. Cybercriminals are smart and quick in using new technologies for criminal purposes; the EC3 will help us become even smarter and quicker to help prevent and fight their crimes", said Commissioner Malmström.
"In combatting cybercrime, with its borderless nature and huge ability for the criminals to hide, we need a flexible and adequate response. The European Cybercrime Centre is designed to deliver this expertise as a fusion centre, as a centre for operational investigative and forensic support, but also through its ability to mobilise all relevant resources in EU Member States to mitigate and reduce the threat from cybercriminals wherever they operate from", said Troels Oerting, Head of the European Cybercrime Centre
Investigations into online fraud, child abuse online and other cybercrimes regularly involve hundreds of victims at a time, and suspects in many different parts of the world. Operations of this magnitude cannot be successfully concluded by national police forces alone.
The opening of the European Cybercrime Centre (EC3) marks a significant shift in how the EU has been addressing cybercrime so far. Above all, the approach of the EC3 will be more forward-thinking and inclusive. It will pool expertise and information, support criminal investigations and promote EU-wide solutions.
The EC3 will focus on illegal online activities carried out by organised crime groups, especially attacks targeting e-banking and other online financial activities, online child sexual exploitation and those crimes that affect the critical infrastructure and information systems in the EU.
The Centre will also facilitate research and development and ensure capacity building among law enforcement, judges and prosecutors and will produce threat assessments, including trend analyses, forecasts and early warnings. In order to dismantle more cybercrime networks and prosecute more suspects, the EC3 will gather and process cybercrime related data and will provide a Cybercrime Help desk for EU countries' law enforcement units. It will offer operational support to EU countries (e.g. against intrusion, fraud, online child sexual abuse, etc.) and deliver high-level technical, analytical and forensic expertise in EU joint investigations. 

For Detailed Information Please Visit The Official Website of Europol's EC3 



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

European Parliament Proposed Strict Punishment For Hackers

Posted by Avik Sarkar On 4/02/2012 03:18:00 am

European Parliament Proposed Strict Punishment For Hackers 

Europe countries are now taking cyber crimes more seriously. Recently The Civil Liberties Committee of the European Parliament has backed a draft law which immediately increases punishment for cyber criminals for attacks on IT systems within EU member states to at least two years of prison. Possessing or distributing hacking software and tools would also be regarded as an offense, and companies would be liable for cyber attacks committed for their benefit. If an attacker engaged a Denial of Service attack (DoS) or an attack through botnet, then immediately he will be sent behind bar for at-least five years
The proposal, which would update existing EU legislation on cyber attacks, was approved with by 50 votes in favour, 1 against and 3 abstentions. "We are dealing here with serious criminal attacks, some of which are even conducted by criminal organizations. The financial damage caused for companies, private users and the public side amounts to several billions each year" said rapporteur Monika Hohlmeier (EPP, DE). "No car manufacturer may send a car without a seatbelt into the streets. And if this happens, the company will be held liable for any damage. These rules must also apply in the virtual world" she added. 
  • Other Punishable Offenses :- 
IP spoofing-
Using another person's electronic identity (e.g. by "spoofing" their IP address), to commit an attack, and causing prejudice to the rightful identity owner would also be an aggravating circumstance - for which MEPs say Member States must set a maximum penalty of at least three years. MEPs also propose tougher penalties if the attack is committed by a criminal organisation and/or if it targets critical infrastructure such as the IT systems of power plants or transport networks. However, no criminal sanctions should apply to "minor cases", i.e. when the damage caused by the offence is insignificant.
Cyber-attack tools -
The proposal also targets tools used to commit offences: the production or sale of devices such as computer programs designed for cyber-attacks, or which find a computer password by which an information system can be accessed, would constitute criminal offences. Liability of legal persons Legal persons would be liable for offences committed for their benefit (e.g. a company would be liable for hiring a hacker to get access to a competitor's database), whether deliberately or through a lack of supervision. They would also face penalties such as exclusion for entitlement to public benefits or judicial winding-up. To resist cross-border cyber-attacks, Member States need to ensure that their networks of national contact points are available round the clock, and can respond to urgent requests within a maximum of eight hours, says the text.
Background -
Large-scale cyber-attacks took place in Estonia in 2007 and Lithuania in 2008. In March 2009, public and private sector IT systems in more than 103 countries were attacked using a "zombie" network of compromised, infected computers.
Next steps -
The Rapporteur aims for a political agreement between Parliament and Council on this Directive by the summer.


-Source (European Parliament / News)



 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Microsoft Along With FBI & EC3 Shattered The Notorious ZeroAccess Botnet

Posted by Avik Sarkar On 12/08/2013 01:14:00 am

Microsoft Along With FBI & EC3 Shattered The Notorious ZeroAccess Botnet Responsible For Infecting More Than 2 Million Computers
Redmond based software giant Microsoft yet again got a huge success against a big racket of cyber criminals while shattering one of the world's largest and most rampant botnets named 'ZeroAccess'. The Sirefef botnet, also known as ZeroAccess, is responsible for infecting more than 2 million computers, specifically targeting search results on Google, Bing and Yahoo search engines, and is estimated to cost online advertisers $2.7 million each month. Tech giant Microsoft working alongside the Federal Bureau of Investigation (FBI), Europol's European Cybercrime Centre (EC3) have successfully disrupted this notorious botnet. This is Microsoft’s first botnet action since the Nov. 14 unveiling of its new Cybercrime Center — a center of excellence for advancing the global fight against cyber crime — and marks the company’s eighth botnet operation in the past three years.

“This operation marks an important step in coordinated actions that are initiated by private companies and, at the same time, enable law enforcement agencies around Europe to identify and investigate the criminal organizations and networks behind these dangerous botnets that use malicious software to gain illicit profits,” said Troels Oerting, head of the EC3. “EC3 added its expertise, information communications technology infrastructure and analytic capability, as well as provided the platform for high-level cooperation between cyber crime units in five European countries and Microsoft.”
Due to its botnet architecture, ZeroAccess is one of the most robust and durable botnets in operation today and was built to be resilient to disruption efforts, relying on a peer-to-peer infrastructure that allows cyber criminals to remotely control the botnet from tens of thousands of different computers. ZeroAccess is used to commit a slew of crimes, including search hijacking, which “hijacks” people’s search results and redirects people to sites they had not intended or requested to go to in order to steal the money generated by their ad clicks. ZeroAccess also commits click fraud, which occurs when advertisers pay for clicks that are not the result of legitimate, interested human users’ clicks, but are the result of automated Web traffic and other criminal activity. Research by the University of California, San Diego shows that as of October 2013, 1.9 million computers were infected with ZeroAccess, and Microsoft determined there were more than 800,000 ZeroAccess-infected computers active on the Internet on any given day.



How It Happened:- 
Last week, Microsoft filed a civil suit against the cyber criminals operating the ZeroAccess botnet and received authorization from the U.S. District Court for the Western District of Texas to simultaneously block incoming and outgoing communications between computers located in the U.S. and the 18 identified Internet Protocol (IP) addresses being used to commit the fraudulent schemes. In addition, Microsoft took over control of 49 domains associated with the ZeroAccess botnet. A10 Networks provided Microsoft with advanced technology to support the disruptive action.
As Microsoft executed the order filed in its civil case, Europol coordinated a multijurisdictional criminal action targeting the 18 IP addresses located in Europe. Specifically, Europol worked with Latvia, Luxembourg, Switzerland, the Netherlands and Germany to execute search warrants and seizures on computer servers associated with the fraudulent IP addresses located in Europe. This is the second time in six months that Microsoft and law enforcement have worked together to successfully disrupt a prevalent botnet. It demonstrates the value coordinated operations have against cyber criminal enterprises. For more information about this botnet operation click here

ZeroAccess is counted as a very sophisticated malware, blocking attempts to remove it, therefore recommended for every Microsoft user to click Here for detailed instructions on how to remove this threat. As Microsoft found that the ZeroAccess malware disables security features on infected computers, leaving the computer susceptible to secondary infections, it is critical that victims rid their computers of ZeroAccess by using malware removal or antivirus software as quickly as possible. 
In conversation with press David Finn, executive director and associate general counsel of the Microsoft Digital Crimes Unit said -“Microsoft is committed to working collaboratively — with our customers, partners, academic experts and law enforcement — to combat cybercrime. And we’ll do everything we can to protect computer users from the sinister activities and criminal networks that victimize innocent people and businesses around the world.” 

While talking about ZeroAccess botnet take down, I would like to remind you that in Match, last year Microsoft has successfully shutdown two command and control (C&C) server of world's of the most dangerous banking trojan Zeus.


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Now anyone can be a cyber criminal

Posted by Avik Sarkar On 5/15/2011 03:26:00 pm



Cyber crime is no longer the exclusive domain of nerds with advanced coding and hacking skills. Thanks to simple and affordable, DIY downloadable crimeware, even novices can jump into what has turned into a global industry.
This is a far cry from the days when hacks were motivated more by the thrill of the kill than monetary gain, with even Steve Jobs and Steve Wozniak (Apple’s co-founders) allegedly on their rolls. It’s in the last decade, with the widening reach of the internet, that cyber crime turned virulent, as viruses like Melissa and I Love You clogged inboxes and spawned a multi-billion-dollar anti-virus software industry. And now, with the DIY attack kits, cybercrime is evolving into an extremely profitable, distributed global entity.
These malware toolkits aren’t just professional, marketable, and easy to deploy, they’re even being sold on a subscription model with after sales support.
Mpack, Neosploit, ZeuS, Nukespoilt P4ck, Phoenix … there’s an array of choices for script kiddies (those with minimal coding skills). “These kits come with features like encryption and hardware-based licensing, which one would find in enterprise-grade software,” says cyber sleuth Prasanna V, principal consultant of information security with Packet Verify. They enable users to launch pre-written threats against computer systems, and also customise them.
The United States, Russia, China, the UK, Germany, Brazil and Eastern European countries like the Ukraine are considered the hotbeds for development of such kits, and the damage they’re causing is already evident. According to a report by Symantec Corp, there was a 93% increase in web-based attacks in 2010 compared to the previous year, driven primarily by the prevalence of attack toolkits.
The modus operandi:
Most of the toolkits share a few common behavioural patterns, say Dr Madhupani and Dr Srinivas, technology experts with Cyber Security Works. “These can include capabilities to penetrate into browser processes, take screenshots of the victim’s machine or control it remotely, hijack e-banking sessions, add pages to a website and monitor them or steal passwords that have been stored by popular programs/browsers.” Users are lured through phishing websites, spam emails, download websites, freeware, or malicious codes inserted in legitimate programs.
What’s more worrying is that malware attacks from toolkits are difficult to monitor and curb because of both technological and legal factors. The cyber laws in most countries are largely inadequate to deal with the scale and reach of the crime. For example, a tool kit can enable a cyber criminal in Nigeria to spoof an Indian bank to send phishing emails to trick users in India. The network of cyber crime is spread so wide that it demands a coordinated effort by law enforcement agencies from all over the world that, as of now, is nonexistent.
On the technical side, “toolkits enable hackers to continuously generate new mutated malware variants, each targeting a different victim, making traditional discovery and fingerprinting of these threats nearly impossible,” says Ajay Goel, managing director, Symantec for India and SAARC.
On your guard:
So what can you do to protect yourself? For starters, realise that security does not start and end with an antivirus kit or a firewall, quips Prasanna. “Do not perform any financial transactions from shared systems like cyber cafes. Avoid connecting to free Wi-Fi hotspots. Scan USB before using. Stay away from suspicious websites and emails, limit the amount of personal information you give out on social networking sites like Facebook or Orkut,” he warns. “Finally, set the ‘automatic update’ option ON in all applications.”
Cyber Security Works issues another guideline: “Treat information the way you would treat your money.”

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

FBI Wanted Cyber Criminal Hamza Bendelladj Arrested in Thailand

Posted by Avik Sarkar On 1/08/2013 02:52:00 pm

FBI Wanted Cyber Criminal Hamza Bendelladj Arrested in Thailand

Another FBI listed cyber criminal get nabbed. The suspect named Hamza Bendelladj of 24 yrs have been arrested in late Sunday night during a layover at Thailand’s international airport while traveling from Malaysia to Egypt. According to the officials Bendelladj is an Algerian national wanted by the United States Federal Bureau of Investigation (FBI) for allegedly making tens of millions of dollars from cyber crime. Police confiscated two laptops, a tablet computer, a satellite phone and a number of external hard drives from Bendelladj. According to the officials FBI had been pursuing Bendelladj for nearly three years. U.S. authorities believe the suspect hacked private accounts in more than 217 banks and financial companies worldwide, causing about $10 million in losses per transaction. After this arrest, he will be extradited to the U.S. state of Georgia, where a district court has issued an arrest warrant. In an exclusive report Bangkok Post said -a smiling Bendelladj, who was present at the press conference, denied claims by the Thai authorities that he was on the FBI's top-10 most wanted list. "I'm not in the top 10, maybe just 20th or 50th," the Algerian suspect said with a laugh. "I am not a terrorist."



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

3 Russian Cyber Criminal Who Was The Master Mind of Banking Trojan 'Gozi' Charged in New York

Posted by Avik Sarkar On 2/01/2013 08:53:00 pm

3 Russian Cyber Criminal Who Was The Master Mind of Banking Trojan 'Gozi' Charged in New York 

Yet again another serious issue of cyber crime get resolved when the FBI tracked and figured out the master mind of infamous 'Gozi banking Trojan' which effected more than millions of system world wide, including a handful at NASA, leading to tens of millions of dollars in lost banking funds and damages to computer systems and networks. Three alleged international cyber criminals from Russia, responsible for creating and distributing 'Gozi' that infected over one million computers and caused tens of millions of dollars in losses charged in Manhattan Federal Court. Mihai Ionut Paunescu aged 28, a Romanian, Deniss Calovskis, 27, a Latvian, and Nikita Vladimirovich Kuzmin, 25, of the Russian Federation, are charged with computer intrusion, conspiracy to commit bank and wire fraud and access device fraud. Federal authorities said the three were arrested last week; Kuzmin is being held in New York, while Paunescu is in custody in Romania and Calovskis in Latvia. 
According to the press release of FBI -Deniss Calovskis, a/k/a “Miami,” a Latvian national who allegedly wrote some of the computer code that made the Gozi virus so effective, was arrested in Latvia in November 2012. Mihai Ionut Paunescu, a/k/a “Virus,” a Romanian national who allegedly ran a “bulletproof hosting” service that enabled cyber criminals to distribute the Gozi virus, the Zeus trojan, and other notorious malware and to conduct other sophisticated cyber crimes, was arrested in Romania in December 2012. 

The cases are being handled by the Complex Frauds Unit of the United States Attorney’s Office. Assistant United States Attorneys Sarah Lai, Nicole Friedlander, and Thomas G.A. Brown, along with Trial Attorney Carol Sipperly of the Computer Crime and Intellectual Property Section of the Department of Justice on the Paunescu case, are in charge of the prosecution. The charges contained in the Indictments are merely accusations, and the defendants are presumed innocent unless and until proven guilty.

DefendantAge and ResidenceChargesMaximum Penalty
Nikita Kuzmin25; Moscow, RussiaConspiracy to commit bank fraud; bank fraud; conspiracy to commit access device fraud; access device fraud; conspiracy to commit computer intrusion; computer intrusion95 years in prison
Deniss Calovskis27; Riga, LatviaConspiracy to commit bank fraud; conspiracy to commit access device fraud; conspiracy to commit computer intrusion; conspiracy to commit wire fraud; conspiracy to commit aggravated identity theft67 years in prison
Mihai Ionut Paunescu28; Bucharest, RomaniaConspiracy to commit computer intrusion; conspiracy to commit bank fraud; conspiracy to commit wire fraud60 years in prison


Brief About Gozi:-
The Gozi virus is malicious computer code, or “malware,” that steals personal bank account information, including usernames and passwords, from the users of affected computers. It was named by private sector information security experts in the U.S. who, in 2007, discovered that previously unrecognized malware was stealing personal bank account information from computers across Europe on a vast scale, while remaining virtually undetectable in the computers it infected. To date, the Gozi virus has infected over one million victim computers worldwide, among them at least 40,000 computers in the U.S., including computers belonging to the National Aeronautics and Space Administration (NASA), as well as computers in Germany, Great Britain, Poland, France, Finland, Italy, Turkey, and elsewhere, and it has caused tens of millions of dollars in losses to the individuals, businesses, and government entities whose computers were infected.

The Gozi virus was distributed to victims’ computers in several different ways. In one method, the virus was disguised as an apparently benign .pdf document which, when opened, secretly installed the Gozi virus on the victim’s computer. Once installed, the Gozi virus—which was intentionally designed to be undetectable by anti-virus software—collected data from the infected computer in order to capture personal bank account information including usernames and passwords. That data was then transmitted to various computer servers controlled by the cyber criminals who used the Gozi virus. These cyber criminals then used the personal bank account information to transfer funds out of the victims’ bank accounts and ultimately into their own personal possession.


For Detailed Information Click Here


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

FBI's Cybercrime Unit Taken New Initiative to Nab Hackers & Intruders

Posted by Avik Sarkar On 10/31/2012 06:09:00 am

FBI's Cybercrime Unit Taken New Initiative to Nab Hackers & Intruders 

The month of October has been declared by FBI as the National Cyber Security Awareness Month of 2012 , and in the last week of this month the cyber crime division of FBI has started a new program which will specially emphasis on hackers and intrusion. The main aim of this program is to focusing on hackers and to prevent cyber crime. Last month  Federal Bureau of Investigation (FBI) has issued a report based on information from law enforcement and complaints submitted to the Internet Crime Complaint Center (IC3) detailing recentcyber crime trends and new twists to previously-existing cyber scams. Now the recent movement of FBI will surely inject fear into the heart & mind of hackers. According to FBI's official release - Early last year, hackers were discovered embedding malicious software in two million computers, opening a virtual door for criminals to rifle through users’ valuable personal and financial information. Last fall, an overseas crime ring was shut down after infecting four million computers, including half a million in the U.S. In recent months, some of the biggest companies and organizations in the U.S. have been working overtime to fend off continuous intrusion attacks aimed at their networks. The scope and enormity of the threat—not just to private industry but also to the country’s heavily networked critical infrastructure—was spelled out last month in Director Robert S. Mueller’s testimony to a Senate homeland security panel: “Computer intrusions and network attacks are the greatest cyber threat to our national security.”
To that end, the FBI over the past year has put in place an initiative to uncover and investigate web-based intrusion attacks and develop a cadre of specially trained computer scientists able to extract hackers’ digital signatures from mountains of malicious code. Agents are cultivating cyber-oriented relationships with the technical leads at financial, business, transportation, and other critical infrastructures on their beats. 

Today, investigators in the field can send their findings to specialists in the FBI Cyber Division’s Cyber Watch command at Headquarters, who can look for patterns or similarities in cases. The 24/7 post also shares the information with partner intelligence and law enforcement agencies—like the Departments of Defense and Homeland Security and the National Security Agencyon the FBI-led National Cyber Investigative Joint Task Force.
A key aim of the Next Generation Cyber Initiative has been to expand our ability to quickly define “the attribution piece” of a cyber attack to help determine an appropriate response, said Richard McFeely, executive assistant director of the Bureau’s Criminal, Cyber, Response, and Services Branch. “The attribution piece is: who is conducting the attack or the exploitation and what is their motive,” McFeely explained. “In order to get to that, we’ve got to do all the necessary analysis to determine who is at the other end of the keyboard perpetrating these actions.”
The Cyber Division’s main focus now is on cyber intrusions, working closely with the Bureau’s Counterterrorism and Counterintelligence Divisions.  “We are obviously concerned with terrorists using the Internet to conduct these types of attacks,” McFeely said. “As the lead domestic intelligence agency within the United States, it’s our job to make sure that businesses’ and the nation’s secrets don’t fall into the hands of adversaries.”
In the Coreflood case in early 2011, hackers enlisted a botnet—a network of infected computers—to do their dirty work. McFeely urged everyone connected to the Internet to be vigilant against computer viruses and malicious code, lest they become victims or unwitting pawns in a hacker or web-savvy terrorist’s malevolent scheme.
“It’s important that everybody understands that if you have a computer that is outward-facing—that it’s connected to the web—that your computer is at some point going to be under attack,” he said. “You need to be aware of the threat and you need to take it seriously.” 


To Listen the Podcast of FBI's "“The intrusions are occurring 24/7, 365 days a year.” Click Here






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Dutch Govt. Setup National Cyber Security Centre (NCSC) To Protect Cyber-Crime

Posted by Avik Sarkar On 1/15/2012 09:56:00 pm


Now the Dutch Govt. is also paying attention to secure the Cyber Fence. To protect cyber crime and enhance cyber security The Dutch government has set up a new National Cyber Security Centre (NCSC) to deal with with the growing problem of online crime. The NCSC, which is a public-private partnership, commenced operations on 1 January 2012. Its ambition is to grow, in a phased manner, into the cooperation platform for cyber security in the Netherlands. In 2011 more than 123K web pages of Netherland was infected by Lilupophilupop attack and also recently a Hacker Group named The Hackers Army has hacked thousand of  Dutch sites while running their operation named #OPfreePalestine. Dutch cyber fence also been target from different part of the world. So this newly formed NCSC was indeed needed by Dutch Authorities.  
In the Netherlands several government departments are involved in the fight against cyber crime - and that's precisely the problem. The NCSC should improve coordination between them. The centre will bundle together a lot of knowledge and expertise. The NCSC is composed of over sixty people and will deal especially with the major issues. Wouter Stol is cyber safety expert at the NHL University of Applied Sciences in Leeuwarden.
He sees the NCSC as a good start:- "It's a clear move to streamline the approach to cybercrime. But it's not just about coordination. There's far too little knowledge in the public sector. How do you handle the problems with cyber crime? How do you organize it? Much remains to be done."

The fight against cybercrime is still in its infancy, according Mr Stol. First you have to map properly how cybercrime - nationally and internationally - actually works. Cyber criminals are a difficult group because they often don't operate from a fixed location. An efficient response is only possible through international cooperation that is fast and smooth. To keep up with the technical know-how of the cyber criminals, the government has suggested turning to "ethical" hackers. This is the group that detect various leaks and weak spots. They hack the sites of companies and governments to identify the problems, not for criminal reasons. Wouter Stol thinks that these hackers will soon be needed. "Developments in the digital world are rapid. Training a few internet producers isn't enough. Before you know it you'll be left behind. It's a good strategy to gain the latest knowledge in a flexible manner. So you also need the hackers."











SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Philippine Becomes Haven for Organized Cybercrime (Pornography, Cyber Sex Dens, Online Gambling, CC Fraud and Id theft)

Posted by Avik Sarkar On 10/23/2011 05:16:00 pm

A top Philippine National Police official said the country has become a “haven” for transnational organized crime syndicates involved in cyber pornography, cyber sex dens, illegal online gambling, credit card fraud and identity theft due to weak laws against cyber crimes and the poor technical know-how of law enforcers.
Chief Superintendent Samuel Pagdilao Jr., director of the PNP Criminal Investigation and Detection Group (CIDG), said cyber-crime mafias, mostly foreigners, have established their base of operations in the Philippines. Pagdilao said cyber-crime operators have taken advantage of the PNP’s “organizational and technical incapability” to fight cyber crimes.
While cyber-crime syndicates use sophisticated technology, he rued that “law enforcers in the country are lagging behind in terms of training and equipment.”
Pagdilao asked Congress to prioritize passing the proposed cyber-crime prevention law to address the country’s legal inadequacies. He also asked the PNP to support the organizational and technical capability build-up of the CIDG’s cyber-crime unit. Pagdilao said foreign mafias have been running cyber-sex dens and cyber-pornography operations in the country. He said Korean mafias have been behind illegal online gambling and credit card fraud operations in the country.
Pagdilao said their recent arrest here of a Korean hacker wanted by Interpol revealed that “Korean cyber-crime syndicates are operating almost unhampered” in the country.

For More Information Click Here


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

19 Million+ UK Households Being Used As Cyber Weapon (Botnets)

Posted by Avik Sarkar On 12/10/2011 05:51:00 pm


You are also a cyber criminal. Don't get panic, we are sorry to say this for that is truth. An exclusive report is saying that more than a million households of UK is either used or misused as cyber weapons meainly Botnets.
Dutch researchers investigating ways to curtail the hijacking of domestic computers for criminal use, found that more than one million UK households’ PCs are linked to criminal networks known as ‘botnets’, which are groups of Internet-connected computers that have been compromised by a third party and put to malicious use. With around 6% of the UK’s 19m Internet households thought to be part of a botnet, this helps criminals spread spam around the Web more effectively, whilst it can also be used to attack websites and even garner bank details from the unsuspecting public.
The data was gathered from a number of different sources, though most emanated from what is known as ‘spam traps’, which are fake email addresses set up for the sole purpose of receiving junk mail. It’s thought that more than 90% of spam is sent through botnets, and it’s the Internet addresses on these botnets which are a good indicator of where the so-called ‘drone’ machines are located. The researchers then used the IP addresses of the machines that were sending the spam, and traced each one to an Internet Service Provider (ISP). And feeding into this was data about the Conficker botnet, which is thought to be one of the biggest examples of such a network, and incident reports from a computer security company called DShield. The UK figure is placed at number 19 in the top 20 nations with the biggest botnet problem, but it’s roughly in-line with the global average which sits at around 5-10% of domestic computers that are thought to be linked to botnets. Greece and Israel were way out on top, though, with around a fifth of all broadband subscribers thought to be unwittingly recruited into botnets. 
It goes without saying that the biggest ISPs have the biggest botnet problem. It has been figured out that the level of spam on BT’s network peaked at the end of July 2010, at which point more than 30m junk email messages were being sent each week.  

Here is a Statistic:- 


The good news, however, is that these figures have fallen sharply since then with a number of anti-cyber crime groups helping to bring down some of the biggest botnets. One takedown earlier this year saw spam fall massively overnight, when just an entire network, called Rustock, stopped sending junk.




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

CID (Criminal Investigation Department)of WB is Vulnerable & Sensitive Data Leeked By Hitcher & Mìstâ Hâxôr

Posted by Avik Sarkar On 7/26/2011 01:42:00 am


The official website of CID (Criminal Investigation Department) Westbengal, Govt. of India is Vulnerable. Hitcher & Mìstâ Hâxôr from Team PCF (Paksitan Cyber Force) found both SQL-i and XSS vulnerability on this site. They also leaked some sensitive data from this site.The official website of CID (Criminal Investigation Department)  is Vulnerable & Sensitive Data Leeked

One of the leeked Message:-

"...
>>>>>>>>>::::::__Message from DGP CID West Bengal Following__::::::>>>>>>>>>>>>>>>>>>>>

"Recognizing the seriousness of cyber threats, CID West Bengal has developed a Cyber Crime Unit under the Special Operation Group (SOG). For Scientific Analysis of   such threats a Computer Crime Analysis Lab (CCAB) has also been set up. This Lab will have the ability to handle cases pertaining to hacking, spread of virus,  pornography, manipulation of accounts, alteration of data, software piracy, creation of false websites, printing of counterfeit currency, forged visas, theft of  intellectual property, email spamming, denial of access, password theft, crimes with cell phones and palmtops, cyber terrorism and the transmission of secret codes  concealed in pictures...."
     The fight against Cyber Crime requires the highest level of expertise. However, in addition to this there should be awareness among members of public about      seriousness of Cyber Crime. It is with this objective that the CID Website has been created."
 
Vulnerable Website:-
http://cidwestbengal.gov.in/






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























#OpPhilippines - Anonymous Hacked & Defaced Several Philippine Govt Sites






 Posted by Avik Sarkar
 On 10/03/2012 04:37:00 am














#OpPhilippines -Anonymous Hacked & Defaced Several Philippine Govt Sites 











When the topic or act of Internet surveillance or Internet privacy rises its head, every time the Hacktivist group Anonymous stand against it. Earlier the world seen not only Anonymous but also hackers from different of the world joined in the protest against controversial act like SOPA, PIPA, ACTA or CISPA. Quit similar scenario happens to Philippines, as soon as the anti-cybercrime law get passed, immediately hackers shown a massive protest against it. The cyber fence of Philippine was heavily disturbed since Wednesday. At the very first stage of the attack the hacker group calling themselves "Anonymous Philippines" targeted several government, civil society and other private websites of Philippine and defaced them. This ongoing cyber attack against Philippine have been dubbed as Operation Philippine (#OpPhilippines)











As of Wednesday midnight, the website of Bangko Sentralng Pilipinas, Metropolitan Waterworks and Sewerage System, the American Chamber of Commerce, and the Philippine Anti-Piracy Team succumbed to the cyber-attacks. The websites of the anti-smoking campaign unit of the Department of Health and think tank Institute for Development and Econometric Analysis followed suit, bringing to six the number of websites attacked. One hactivist announced the challenge to commit cyber-crime in social networking site Facebook by a user #pR.isOn3r.  The post hinted in its footnote that the BSP website was a target.








“Challenge Accepted,” the hacktivist said. “If speaking up against idiocy in government and unconstitutional amendments is a crime, then I am PROUD TO BE A CYBER CRIMINAL.”



“We are anonymous. We are Legion. United as one. Divided by none,” the hacktivist said. “The corrupt fear us. The honest support us. The heroic join us. Expect us.”









This attack followed by few more Govt sites and they are- National Telecommunications Commission (NTC), Philippine Information Agency (PIA) and the Food Development Center sites. 











Message of the Hacker on Deface Page:- 




“This domain name associated with GOV.PH has been seized pursuant to an order issued by Anonymous Philippines,



“A federal grand jury has indicated several individuals and entities allegedly involved in the operation of this website / department / office charging them with the following federal crimes: Conspiracy, Violations of Human Rights, Corruption, Copyright infringement, Money Laundering, PIRACY, Misuse of Devices, Libel, Plagiarism, and Destruction of Freedom of Speech.”





















The attack is yet not over, The government portal of  Philippine also faced cyber attack. A twitter account which is recognized as one of of legitimate of source of hacker collective anonymous, took responsibility of engaging denial of service (DoS) attack against www.gov.ph 







"Anonymous Operation Philippines | Target: DOWN | http://www.gov.ph  | #Anonymous #OpPhilippines #FuckTheCyberCrimeLaw #Freedom  |" said the hacker, in his twitter















-Source (inquirer.net)


























SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























Obama Administration Is Implementing Tighter Penalties For Cybercrimes






 Posted by Avik Sarkar
 On 9/08/2011 05:13:00 pm














The Obama administration is seeking tougher sentences for people who are found guilty of hacking or other digital offenses, two officials said Wednesday.  
Associate Deputy Attorney General James Baker and Secret Service Deputy Special Agent in Charge Pablo Martinez said the maximum sentences for cyber crimes have failed to keep pace with the severity of the threats.  
Martinez said hackers are often members of sophisticated criminal networks.
"Secret Service investigations have shown that complex and sophisticated electronic crimes are rarely perpetrated by a lone individual," Martinez said.
"Online criminals organize in networks, often with defined roles for participants, in order to manage and perpetuate ongoing criminal enterprises dedicated to stealing commercial data and selling it for profit," he said.
Baker and Martinez appeared before the Senate Judiciary Committee to discuss the portion of the White House's cybersecurity legislative proposal that calls for stiffer penalties for cyber crimes as part of an update to the Computer Fraud and Abuse Act (CFAA).



The administration argues the Racketeering Influenced and Corrupt Organizations Act should be updated to make CFAA offenses subject to its terms. That law is used to prosecute organized crime. 
Baker said hacking has increasingly become a tool of choice for crimes like identity theft, extortion and corporate espionage.
"As computer technology has evolved, it has become a key tool of organized crime," Baker said. "Many of these criminal organizations are similarly tied to traditional Asian and Eastern European organized crime organizations."
The administration's proposal also calls for a national data breach standard to replace the current patchwork of state laws. Sen. Al Franken (D-Minn.) expressed concern that the proposed 60-day window for companies to notify customers their data has been breached would be too long, but Baker said the administration is willing to work with Congress on the issue. Sen. Richard Blumenthal (D-Conn.) shifted the conversation to the portion of the White House plan dealing with protecting critical private sector networks from outside attacks.



Baker said the White House plan does not include any criminal or civil provisions for forcing companies to comply with Department of Homeland Security cyber security standards. "The idea was to create a lighter touch ... to build incentives into the system," Baker said.



Experts have warned that without some sort of enforcement mechanism companies will not take the necessary security precautions. Blumenthal echoed that stance, suggesting the administration "consider some kind of stick as well as a carrot." Industry has argued that resources are the main limitation and argued for incentives such as liability protection for firms that experience attacks. 
But Baker expressed agreement with Blumenthal and said the current range of incentives built into the system, such as the loss of investor trust, stock market value and privileged corporate data has not been enough to convince companies to take adequate security measures.





-News Source (The HILL, CCFA, HLS)









SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-




























The First Cyberspace Strategy By U.S. Defense






 Posted by Avik Sarkar
 On 7/15/2011 08:11:00 pm














Cyberspace is a defining feature of modern life. Individuals and communities worldwide connect, socialize, and organize themselves in and through cyberspace. From 2000 to 2010, global Internet usage increased from 360 million to over 2 billion people. As Internet usage continues to expand, cyberspace will become increasingly woven into the fabric of everyday life across the globe. 

U.S. and international businesses trade goods and services in cyberspace, moving assets across the globe in seconds. In addition to facilitating trade in other sectors, cyberspace is itself a key sector of the global economy. Cyberspace has become an incubator for new forms of entrepreneurship, advances in technology, the spread of free speech, and new social networks that drive our economy and reflect our principles. The security and effective operation of U.S. critical infrastructure – including energy, banking and finance, transportation, communication, and the Defense Industrial Base – rely on cyberspace, industrial control systems, and information technology that may be vulnerable to disruption or exploitation. 

Along with the rest of the U.S. government, the Department of Defense (DoD) depends on cyberspace to function. It is difficult to overstate this reliance; DoD operates over 15,000 networks and seven million computing devices across hundreds of installations in dozens of countries around the globe. DoD uses cyberspace to enable its military, intelligence, and business operations, including the movement of personnel and material and the command and control of the full spectrum of military operations. 

The Department and the nation have vulnerabilities in cyberspace. Our reliance on cyberspace stands in stark contrast to the inadequacy of our cybersecurity – the security of the technologies that we use each day. Moreover, the continuing growth of networked systems, devices, and platforms means that cyberspace is embedded into an increasing number of capabilities upon which DoD relies to complete its mission. Today, many foreign nations are working to exploit DoD unclassified and classified networks, and some foreign intelligence organizations have already acquired the capacity to disrupt elements of DoD’s information infrastructure. 

Moreover, non-state actors increasingly threaten to penetrate and disrupt DoD networks and systems. We recognize that there may be malicious activities on DoD networks and systems that we have not yet detected. 



DoD, working with its interagency and international partners, seeks to mitigate the risks posed to U.S. and allied cyberspace capabilities, while protecting and respecting the principles of privacy and civil liberties, free expression, and innovation that have made cyberspace an integral part of U.S. prosperity and security. How the Department leverages the opportunities of cyberspace, while managing inherent uncertainties and reducing vulnerabilities, will significantly impact U.S. defensive readiness and national security for years to come. 



DOD’S STRENGTHS AND OPPORTUNITIES IN CYBERSPACE:- 



As does the nation as a whole, DoD relies on a secure and reliable cyberspace that protects fundamental freedoms, privacy, and the free flow of information. In support of both U.S. core commitments and national security, DoD has significant strengths and opportunities in cyberspace. The U.S. military’s ability to use cyberspace for rapid communication and information sharing in support of operations is a critical enabler of DoD missions. More broadly, DoD’s depth of knowledge in the global information and communications technology sector, including its cybersecurity expertise, provides the Department with strategic advantages in cyberspace. 

The quality of the United States’ human capital and knowledge base in both the public and private sectors provides DoD with a strong foundation on which to build current and future cyber capabilities. DoD has played a crucial role in building and leveraging the technological prowess of the U.S. private sector through investments in people, research, and technology. DoD will continue to embrace this spirit of entrepreneurship and work in partnership with these communities and institutions to succeed in its future cyberspace activities. 

Given the dynamism of cyberspace, nations must work together to defend their common interests and promote security. DoD’s relationship with U.S. allies and international partners provides a strong foundation upon which to further U.S. international cyberspace cooperation. Continued international engagement, collective self-defense, and the establishment of international cyberspace norms will also serve to strengthen cyberspace for the benefit of all. 



CYBER THREATS:- 



The Internet was designed to be collaborative, rapidly expandable, and easily adaptable to technological innovation. Information flow took precedence over content integrity; identity authentication was less important than connectivity. The Internet’s original designers could not have imagined the extent of its vital and growing role for DoD and its operations. The global scope of DoD networks and systems presents adversaries with broad opportunities for exploitation and attack. 

Low barriers to entry for malicious cyber activity, including the widespread availability of hacking tools, mean that an individual or small group of determined cyber actors can potentially cause significant damage to both DoD and U.S. national and economic security. Small-scale technologies can have an impact disproportionate to their size; potential adversaries do not have to build expensive weapons systems to pose a significant threat to U.S. national security.

In developing its strategy for operating in cyberspace, DoD is focused on a number of central aspects of the cyber threat; these include external threat actors, insider threats, supply chain vulnerabilities, and threats to DoD‘s operational ability. DoD must address vulnerabilities and the concerted efforts of both state and non-state actors to gain unauthorized access to its networks and systems. 

Foreign cyberspace operations against U.S. public and private sector systems are increasing in number and sophistication. DoD networks are probed millions of times every day, and successful penetrations have led to the loss of thousands of files from U.S. networks and those of U.S. allies and industry partners. Moreover, this threat continues to evolve as evidence grows of adversaries focusing on the development of increasingly sophisticated and potentially dangerous capabilities. 

The potential for small groups to have an asymmetric impact in cyberspace creates very real incentives for malicious activity. Beyond formal governmental activities, cyber criminals can control botnets with millions of infected hosts. The tools and techniques developed by cyber criminals are increasing in sophistication at an incredible rate, and many of these capabilities can be purchased cheaply on the Internet. Whether the goal is monetary, access to intellectual property, or the disruption of critical DoD systems, the rapidly evolving threat landscape presents a complex and vital challenge for national and economic security. 



Some cyber threats also may come from insiders. Malicious insiders may exploit their access at the behest of foreign governments, terrorist groups, criminal elements, unscrupulous associates, or on their own initiative. Whether malicious insiders are committing espionage, making a political statement, or expressing personal disgruntlement, the consequences for DoD, and national security, can be devastating. 

Software and hardware are at risk of malicious tampering even before they are integrated into an operational system. The majority of information technology products used in the United States are manufactured and assembled overseas. The reliance of DoD on foreign manufacturing and development creates challenges in managing risk at points of design, manufacture, service, distribution, and disposal. 

Potential U.S. adversaries may seek to exploit, disrupt, deny, and degrade the networks and systems that DoD depends on for its operations. DoD is particularly concerned with three areas of potential adversarial activity: theft or exploitation of data; disruption or denial of access or service that affects the availability of networks, information, or network-enabled resources; and destructive action including corruption, manipulation, or direct activity that threatens to destroy or degrade networks or connected systems. 



Cyber threats to U.S. national security go well beyond military targets and affect all aspects of society. Hackers and foreign governments are increasingly able to launch sophisticated intrusions into the networks and systems that control critical civilian infrastructure. Given the integrated nature of cyberspace, computer-induced failures of power grids, transportation networks, or financial systems could cause massive physical damage and economic disruption. DoD operations—both at home and abroad—are dependent on this critical infrastructure. 

While the threat to intellectual property is often less visible than the threat to critical infrastructure, it may be the most pervasive cyber threat today. Every year, an amount of intellectual property larger than that contained in the Library of Congress is stolen from networks maintained by U.S. businesses, universities, and government departments and agencies. As military strength ultimately depends on economic vitality, sustained intellectual property losses erode both U.S. military effectiveness and national competitiveness in the global economy. 



CONCLUSION:-



National security is being redefined by cyberspace. In addition to opportunities, DoD faces significant cyberspace challenges. The Department’s military, intelligence, and business operations all depend upon cyberspace for mission success. The “Department of Defense Strategy for Operating in Cyberspace” assesses these challenges and opportunities and sets a strategic approach for DoD’s cyber mission. 

The Department’s five strategic initiatives offer a roadmap for DoD to operate effectively in cyberspace, defend national interests, and achieve national security objectives. Each initiative is distinct, yet necessarily connected with the other four. Across the strategy, activities undertaken in one initiative will contribute to DoD’s strategic thinking and lead to new approaches in the others.

By pursuing the activities in this strategy, DoD will capitalize on the opportunities afforded to the Department by cyberspace; defend DoD networks and systems against intrusions and malicious activity; support efforts to strengthen cybersecurity for interagency, international, and critical industry partners; and develop robust cyberspace capabilities and partnerships. This strategy will guide the Department’s defense of U.S. interests in cyberspace so that the United States and its allies and partners may continue to benefit from the innovations of the information age.



To read the full Department of Defense Strategy for Operating in Cyberspace Click HERE


 








-News Source (Defence Professionals)

 






SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
































Related Posts Plugin for WordPress, Blogger...


















Site search