Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Slashdot Deals: Cyber Monday Sale Extended! Courses ranging from coding to project management - all eLearning deals 20% off with coupon code "CYBERMONDAY20". ×

Submission + - Cybercrime Victims Number One Million Each Day (wsj.com)

pbahra writes: "Over one million adults around the world are the victim of cybercrime every day, according to figures published Wednesday. The Norton Cybercrime Report 2011 paints a gloomy picture. The company estimates that cybercrime cost online consumers over the 24 countries surveyed a total of $388 billion in just one year. By contrast, according to Adam Palmer, Lead Advisor at Norton Cybersecurity Institute and a former U.S. Navy prosecutor, the entire global trade in cocaine, heroin and marijuana is worth $288 billion. All told, Symantec estimates that there are 431 million victims a year. Your chances of being a victim of cybercrime (44% of people reported being a victim) are substantially greater that being a victim of a physical crime (15%)."

Submission + - Ex-U.K.Official Gets Huawei Cyber-Security Role (wsj.com)

pbahra writes: "BEIJING — Chinese telecommunications-equipment maker Huawei Technologies Co. said Monday it has hired a former chief information officer for the U.K. government as a cyber-security official, as the company faces continued scrutiny in developed markets where it aims to expand. Huawei has faced political obstacles to expansion in developed markets, especially in the U.S., over what critics call close ties to the Chinese government — something Huawei denies. John Suffolk, who will report to Huawei's secretive chief executive, Ren Zhengfei, will start as Huawei's first "global cyber security officer" on Oct. 1, the company said."

Submission + - U.K. Officials Put Classified Info in the Cloud (wsj.com)

pbahra writes: "U.K. government policy makers will be able to work securely on classified documents across departments for the first time thanks to a deal with cloud computing and content management service provider Huddle. Previously the only way for policy makers to share documents across departments, said Huddle CEO Alastair Mitchell, was via secure email: "Try working on a 500 page document to be shared by 20 people. It is a nightmare." Some 70% of government departments have been using a version of Huddle for some time, said Mr. Mitchell, but anything with a classification of "oerestricted" or above was prohibited. So the government commissioned a special secure version, called Huddle IL3, to allow it to handle more sensitive documents up to restricted level. According to a government spokeswoman a large amount of government work is done at the restricted level.
Cloud-based solutions help tackle the issue of users, when faced with obtrusive security procedures, using their insecure Gmail or Hotmail accounts. Surely London-based Huddle has just made itself a target for every hacker in the world wanting to crack into the U.K. government’s secrets? Not so. “It is running on the government secure intranet on their servers in their data center” said Mr. Mitchell. He added that because they were running on the government servers, they were in theory authorized to work to higher levels. He said they were hopeful to be cleared to handle the next level of security, confidential (IL4), next year."


Submission + - Vodafone Mobiles Targeted by Hackers (wsj.com)

pbahra writes: "Hackers gained access to unauthorized information from Vodafone mobiles and its network after exploiting security loopholes in a femtocell—devices aimed at plugging small holes in their network coverage—the group has claimed. In a statement Vodafone has said that it was aware of the hack the group alleged it had used and had already patched the vulnerability. “The only time a customer could theoretically have been at risk was if they were registered on, and within 50 metres of, a box which the owner had tampered with,” the company said in the statement. “This would have required that person to dismantle the device and solder additional components onto it, as well as taking the conscious decision to prevent the device from receiving our automatic software updates.” “Eduart Steiner” (a pseudonym), a spokesman for The Hacker’s Choice group, said: “That is exactly what we did.”"

Submission + - Is the Military Prepared for Cyberwarfare? (wsj.com)

pbahra writes: "If you think that combatting cyber criminals is hard in your organization, imagine doing it in an enterprise with some 18 or so layers of management between the top man (and it is always a man) and the most junior employee. Now imagine that in that organization there is a form for everything, that it can take literally decades to buy new equipment, and that you can be jailed for having dirty footwear. But that same organization is charged with helping to defeat shadowy hacker groups who are faster, have better equipment, almost certainly are better funded and don’t have to salute every time someone senior walks past them.
The modern military is used to operating in what is known as an asymmetric environment, with a distinct imbalance between the two opponents. The problem for the military is that they like to be the big guy. According to a senior officer speaking at the 2011 Annual Defense Lecture in London, when asked if the military was capable of operating at the same speed as their opponents, he admitted they were not."


Submission + - German Researchers Find Security Hole in Android (wsj.com)

pbahra writes: "German researchers have made a startling discovery. A large number of Google Android smartphones are vulnerable to attack from uninvited perpetrators, who can access your contacts, calendar and private photos, according to three researchers from Ulm University in southern Germany. The finding follows the recent press around Apple and Google collecting user data. While such revelations are becoming commonplace in today's new world of always on, always connected smartphones, the seriousness of what the researchers found is not to be underestimated. By accessing your contacts and calendar, raiders could naturally steal such information, but they could also use such information to figure out when you might be home, for example. They could also alter stored email addresses without you even noticing, and intercept communication. In a blog post, the researchers said that they set out to see if it's possible to launch an impersonation attack against Google services. "The short answer is: Yes, it is possible, and it is quite easy to do so," they wrote."

Submission + - Confusion Surrounds U.K. Cookie Guidelines (wsj.com)

pbahra writes: "The Information Commissioner’s Office has, with just over two weeks to go, given its interpretation on what websites must do to comply with new EU regulations concerning the use of cookies. The law, which will come into force on 26 May 2011, comes from an amendment to the EU’s Privacy and Electronic Communications Directive. It requires U.K. businesses and organizations running websites in the U.K. to get informed consent from visitors to their websites in order to store and retrieve information on users’ computers. The most controversial area, third party cookies, remains problematic. If a website owner allow another party to set cookies via their site, and it is a very common practice for internet advertisers, then the waters are still muddy. And embarrassingly for the Commission — it's current site would not be compliant with its new guidelines as it simply states what they do and does not seek users’ consent."

Submission + - Apocalyptic Terrorist Threat to GPS “Fancifu (wsj.com)

pbahra writes: "A report by the U.K.’s Royal Academy of Engineering on the vulnerability of the GPS system has caused something of stir with apocalyptic visions of a cyber-hell. “Cyber terrorists could cripple banks, send ships floundering on to rocks and bring death to the roads at the click of a mouse,” wrote one British newspaper. The report’s author, Dr. Martyn Thomas, dismissed such reporting as hype. He said aim of the report, “Global Navigation Space Systems: reliance and vulnerabilities” was to highlight the “dangerous over-reliance” on satellite navigation and timing signals, which are vulnerable to disruption, either from natural events such as solar storms, or jamming. While most people think of GPS as a navigation system such as your in-car navigation, it is also used in data networks, sea and air transport, railways and emergency services. It is also a global, synchronized, highly-accurate clock which is used in systems like high frequency trading.
Dr. Thomas described the threat to the national infrastructure by over reliance on GPS as “dangerous, although not very dangerous. However we are on a path that might lead us there if we do not take steps.”"

"You need tender loving care once a week - so that I can slap you into shape." - Ellyn Mustard