cybercrime

You are currently browsing articles tagged cybercrime.

Banksia in the Mist: click to embiggenMy week of Monday 31 March to Sunday 6 April 2014 has definitely seen the beginnings of some sort of return to normality, despite the almost continuous dreary weather.

I won’t go on about that, however because I don’t want to jinx it. I’ll just list the stuff.

Articles

Media Appearances

5at5

I managed to pump one out every weekday this week, which hasn’t happened in a while. I think it’s about time for you to subscribe, if you haven’t already done so.

Corporate Largesse

  • On Wednesday I went to a briefing session by HP Enterprise Security Services at the Four Seasons Hotel in Sydney, where a lovely afternoon tea was served — although I’d had a big lunch, so didn’t really taste much of it.

The Week Ahead

On Monday I’m presenting an updated version of my guest lecture at University of Technology Sydney (UTS) at 1000, and that means it’s an early start. I’m catching an 0636 train from Wentworth Falls, arriving at Sydney Central at 0817. I could catch a later train, but I want to grab a bite to eat before meeting the course coordinator for coffee at 0900. Plus I want to allow for the possibility of delays. My Twitter stream should be fun that morning, for some value of fun.

If you want to take me to lunch on Monday, or otherwise catch up, now is the time to stake your claim.

I have another morning gig in Sydney on Tuesday, a meeting at 1045, so it looks like I’ll be spending plenty of time on trains over the next couple of days.

Then on Wednesday it’s an 0845 start in Sydney for the Amazon Web Services Sydney Summit. Ideally I’d stay in Sydney overnight from Tuesday, but the early-month cashflows look like they won’t permit that. Stay tunes for updates, however.

[Update 12 April 2014: Those two trips to Sydney didn't happen -- and it's a good thing they got cancelled, because once the Heartbleed security bug was announced on Wednesday my time, I was flat out on work related to that, Expect plenty of updates over the next 72 hours.]

The rest of the week and the weekend, including what will be written when, has yet to be mapped out. That will depend very much on what I manage to get done in the next 48 hours.

[Photo: Banksia in the Mist, photographed at Bunjaree Cottages on 4 April 2014.]

Screenshot from The Project, 28 February 2014It’s been a while since I got to talk directly to The Project presenters, but I did so last night. And I was captioned as a “Cyber Security Commentator”, which is obviously a bit special.

The story was about the security risks of webcams. Presenter Gorgi Coglan introduced it thusly:

What if I told you that the webcam in your computer could be under the control of someone on the other side of the planet, and watching everything you do right now?

I was pleased that The Project introduced the Channel TEN audience to RATs, or remote administration (or access) tools, and managed — as they nearly always do — to strike the right balance between scary and funny.

Over the fold you’ll find the video of the entire four-minute segment — starting off with a “package”, as they’re called, featuring Hacklabs director Chris Gatford, followed by the panel interviewing me.

It was the Friday team, so that panel consisted of presenter Gorgi Coglan, comedian Lehmo, the inimitable Waleed Aly and, just to be different, Richie Sambora, guitarist of Bon Jovi fame.

Read the rest of this entry »

ABC logoThis evening I had a lovely conversation on ABC Local Radio in Sydney and around NSW on the takedown of the Silk Road internet marketplace and the Tor anonymity software that made such anonymity possible.

The presenter was the redoubtable Dom Knight. Given that we last spoke in April, we had a lot to catch up on. Here’s the full audio.

Play

The audio is of course ©2013 Australian Broadcasting Corporation, archived here because it isn’t being archived anywhere else.

Winter in Sydney, dreadful: a photograph of Sydney Central station on a bright sunny day: click to embiggenMy week Monday 12 to Sunday 18 August 2013 was quite productive, for a change. As you’ll see below, I produced more media objects this week than in quite a while.

This is as good a time as any to mention that climbing out of the current — or should I say recent — black dog episode is proving remarkably straightforward this time. I think that’s down to a combination of factors. I’ve got a good medical team. I’ve been down that rabbit-hole before, so it’s a familiar landscape and a familiar route home — and indeed that initial blog post was really me starting that process. I’ve had a few professional compliments lately. And the weather has been lovely, which makes a big difference when there’s a seasonal component to one’s moods.

Podcasts

  • Corrupted Nerds: Conversations 4, being a chat with Dr Kerry Hinton from the Centre for Energy-Efficient Telecommunications (CEET) about how the internet uses electricity — and how we might well run into a power crisis.

I still haven’t kicked off The 9pm Election podcast. I really do think I was biting off more than I can chew with that little addition to my planned workload.

Articles

Media Appearances

  • On Monday, I spoke about geoblocks and how to avoid them, briefly, as part of a package on Channel TEN’s The Project. This was the footage shot two weeks ago.
  • On Tuesday, ITJourno wrote about me, Stilgherrian launches Corrupted Nerds podcast, but you won’t be able to read it unless you’re a member.
  • On Sunday I spoke about future politics on ABC Radio National’s Sunday Extra with host Jonathan Green and John McTernan, formerly Prime Minister Julia Gillard’s head of communications.

Corporate Largesse

  • On Thursday night, I dropped in to a little soirée to launch Malcolm Turnbull’s new website. Beer and sushi was to be had.
  • On Friday night, I popped in to the launch of Dom Knight’s new book, Man vs Child, and there was an open bar for a while. I had one beer. Because I’m responsible.

The Week Ahead

On Monday and Tuesday I’ll be in Sydney to cover the Gartner Security and Risk Management Summit for CSO Online and Technology Spectator, each in their own way. That’ll keep me busy with writing through Wednesday.

The rest of the week is full of more writing, for ZDNet Australia and my now-regular guest lecture at UTS at a bare minimum.

Somewhere in there I need to start working on some income-generation for Corrupted Nerds.

The weekend is likely to be a quiet one.

[Photo: Winter in Sydney, dreadful, being a photograph of Sydney Central station taken on 16 August 2013, an exceptionally lovely blue-sky day. As I said last week, spring has come early this year.]

Glimpse of Sydney Central: click to embiggenMy week Monday 22 to Sunday 28 July 2013 was initially as unproductive as the previous two, but Thursday marked a turning-point. Thank the gods. No details.

Articles

Podcasts

None, but I did plenty of behind-the-scenes work on the Corrupted Nerds website, including settling on Cryout Creations’ Mantra theme for WordPress as the design framework.

This fixed a very, very annoying bug that I’d encountered in some other themes that broke the RSS feeds in Blubrry’s PowerPress Podcasting Plugin for WordPress, and that in turn meant that I couldn’t add the podcasts to Apple’s iTunes store.

Having removed that roadblock, I’ll be able to add more material to Corrupted Nerds very soon — including two new episodes in the coming week.

Media Appearances

None.

Corporate Largesse

The Week Ahead

On Monday I’ll complete a catch-up edition of my ZDNet Australia column, The Full Tilt, with something that’ll probably annoy quite a few people who call themselves geeks, and then spending the afternoon in Katoomba. Somewhere in there I’ll fire up that Nokia Lumia 925.

On Tuesday I’ll write a piece for Technology Spectator, one that’s been on the back burner for a while, and completing a new episode of Corrupted Nerds: Conversations podcast. The forecast is for a rainy day, so that’s perfect.

On Wednesday morning I’ll head into Sydney to attend a media event with Vodafone Australia at 1030, then the rest of the week becomes some what flexible — although I know it include a medical appointment in Sydney, another column for ZDNet Australia and some planning.

The weekend is currently unplanned.

[Photo: Glimpse of Sydney Central, being a view of the clock tower at Sydney's Central station, taken early one winter morning from the Metro Sydney Central hotel.]

Composite image of ZDNet column headline and McAfee report title: click for ZDNet columnAs brokers of reliable information about the scale of online crime and espionage, most information security vendors would make great used car salesmen — but McAfee’s latest research finally seems to be taking the right path.

In my column at ZDNet Australia this week, I give McAfee some praise for the most recent research they’ve funded, a preliminary report from the Washington-based Center for Strategic and International Studies titled The Economic Impact of Cybercrime and Cyber Espionage that dismantles the daft idea that cyberstuff costs the global economy a trillion dollars a year.

McAfee now admits that you can’t run a small-N survey in a couple dozen large, wealthy nations — often a self-selected sample of known crime victims at that — and extrapolate the data globally.

Their new figure is “probably measured in the hundreds of billions of dollars”, although they never quite commit to one specific number…

“In the context of a $70 trillion global economy, these losses are small, but that does not mean it is not in the national interest to try to reduce the loss, and the theft of sensitive military technology creates damage whose full cost is not easily quantifiable in monetary terms,” McAfee writes.

True, but as McAfee themselves point out, this supposed cybercrime explosion is really down at the level of shoplifting. Retailers generally budget between 0.5% and 2% for pilferage and other such “shrinkage”.

I also mention my previous critical comments about various infosec vendors’ dodgy statistics — but I don’t link to them, because they were mostly published at non-CBS mastheads. So here’s a selection of stories I’ve written on this subject over the last couple of years.

Read the rest of this entry »

Corrupted Nerds: Conversations cover image: click for the first episodeLast night launched a new website and podcast, Corrupted Nerds, and the first episode is an interview with Eugene Kaspersky.

Yes, this is a “replacement” for the Patch Monday podcast I used to do for ZDNet Australia, but which was killed off in a budget cut at the beginning of 2013 — with my approval, by the way, because I agreed that from ZDNet Australia’s point of view the money would be better spent on a written column, The Full Tilt.

I won’t got into details about Corrupted Nerds, apart from saying that the subtitle is “information, power, security and all the cybers in a global internet revolution that’s changing… everything”, and to point to the introductory blog post for more details.

I’ve got four episodes in the pipeline, but no funding yet. So I’d be grateful if you could both spread the word and comment upon what I’m doing. I thank you.

AusCERT 2013 conference banner: click for conference websiteHere’s a list of the news stories I’ve found this morning that have been written about the AusCERT 2013 information security conference.

The theme for this year’s conference was “This time it’s personal”:

[The theme reflects] the growth in attacks and unauthorised disclosures of online personal information. Motivated by illicit financial gain, cyber criminals obtain unauthorised access to personal information, but more and more, we are seeing data disclosures being posted publicly by attackers for political motives, rather than financial gain.

Hence the theme will resonate within the information security community and remind us that the online environment provides opportunities galore to capture personal information; of the impact these breaches can have on the lives of individuals; and the importance of information security to prevent these attacks. AusCERT2013 will explore these issues and bring experts from Australia and around the world to provide insight and solutions to deal with these challenges.

Items are arranged alphabetically by masthead and then chronologically. If I’ve missed anything, please let me know. Indeed, I daresay that some more articles will be published on Monday or Tuesday, so if that happens I’ll update this post appropriately.

There’s a lot here for me to read, so if I’m going to write a reaction piece some time then it’ll be… later.

Read the rest of this entry »

AusCERT 2012 logo: click for conference websiteI didn’t make it to information security conference AusCERT 2013 this year. I’m about to read what’s been written and compile a list — but first, a reflection on what happened in 2012.

When I look back two years to what I wrote from AusCERT 2011, I’m reminded that we were just getting our head around the implications of the Stuxnet worm. Not only was malware being written by organised criminals, and we were facing an explosion of anti-banking malware and mobile malware, and looking ahead to when an angry child might deploy malware against their neighbours — we were now made well aware that malware was also being written by nation states with budgets in the millions of dollars and beyond.

But looking through the list (below) for AusCERT 2012, what jumps out is the emphasis on the militarisation of information security, as well as the emphasis in the scale of criminal activities. I won’t expand on that, because the conversation with AusCERT general manager Graham Ingram speaks for itself.

Articles from AusCERT 2012

Podcasts from AusCERT 2012

  • Patch Monday episode 139, “War talk dominates AusCERT 2012″, the first of two episodes based on material recorded at the information security conference. The overall theme is that infosec is becoming militarised. We no longer talk about “information assurance” but “defensive cyber operations”. Click through for the full list of speakers.
  • Patch Monday episode 140, “Cybercrime: it’s just too easy”, the second of two episodes based on material recorded at the AusCERT 2012 information security conference. AusCERT general manager Graham Ingram explains why cybercrime is here to stay, and F-Secure chief research officer Mikko Hypponen details a complex transnational criminal operation that saw goods bought fraudulently in Denmark being resold in Moscow, as well giving his views on hacktivism and the level to which antivirus companies should cooperate with governments.

Bonus Extra Video

After the conference, my flight back to Sydney was delayed. With the need to kill some time, this video was the result.

My compilation of reports from AusCERT 2013 will be posted later today. My compilation of reports from AusCERT 2013 is now online.

ABC logoOn Tuesday morning I did another radio spot, this time about two web-related issues: the 20th birthday of the World Wide Web, and the so-called “dark web” and the denial of service attack against The Silk Road.

The presenter was Bern Young, who I’ve spoken to before on the Drive program, but it seems she’s doing the Breakfast shift now.

Play

The audio is of course ©2013 Australian Broadcasting Corporation, archived here because it isn’t being archived anywhere else.

« Older entries