The top source of Web attacks is Myanmar!?



When you think about which country is the world’s biggest source of Internet attacks, the usual suspects first come to mind.

The United States, perhaps, because it has the most individual IP addresses and such free-flowing Web traffic. China is always a candidate, since it has so many users and has often been accused of being behind attacks. Russia is another traditional source of attacks.

But Myanmar?

According to Akamai’s first quarter report for 2011, Myanmar was the source of 13 percent of the attack traffic during that period, ahead of the U.S. (10 percent), Taiwan (9.1 percent), Russia (7.7 percent) and China (6.4 percent).

Myanmar, aka Burma, has 55 million people, but it was under military rule from 1962 until earlier this year and is one of the least-developed countries in the world.

So how does it wind up leading the Internet in anything?

Read More To Find Out

CRIME: West Aussies Added To List Of ‘Microsoft Scam’ Victims

SEVERAL West Aussies are out of pocket by hundreds of dollars after they were targeted by over-the-phone scammers posing as Microsoft computer technicians.

Consumer Protection said it had received more than 155 enquiries in the last three months about the Microsoft scam, where scammers can remotely access the victim’s computer after given access.

Commissioner for Consumer Protection Anne Driscoll said the victims are putting themselves at risk of identity theft and it was time to issue a fresh warning.

“Despite previous warnings by consumer protection agencies and Microsoft themselves, people in WA are still falling victim to this scam,” she said.

“You may be asked to log onto a website which allows the cold-caller to gain remote access to your computer. Or you could be encouraged to supply information like the IP address and then see the cursor begin to move when you’re not touching your mouse or keyboard.

“We have also heard of a random pop-up which falsely claims to offer a Microsoft system upgrade and then installs unwanted software.”

Ms Driscoll said the scam involves phishing and potential extortion.

“The scammer can alter security or anti-virus software settings, or add a key-stroke recorder to the PC. This means that when you enter personal or secure details, during online banking or internet trading for example, those details can be used fraudulently.

“Some consumers have been asked to pay between $125 and $220 by credit card, for a system upgrade available for free online. Those who refuse may have their passwords changed or be locked out of their computers. There’s also a risk of unwanted software being installed and scammers asking for payment to remove it.

WA ScamNet advises:

  • Never let unknown third parties access your computer.
  • Regularly scan PCs with an up to date virus detection program.
  • Do not be fooled by legitimate sounding organisation names like “Windows Security” or “Windows Service Centre”.

If you have let a potential scammer access your computer you should consider having it inspected by a reputable technician to ensure it can no longer be logged onto remotely and is free from malicious software.

If you’ve paid money to these scammers via credit card seek a charge back from your financial institution.

Via Perth Now; Related Fake Phone Scams Targeting PC Users

CRIME: The Sophisticated Hackers

Sophisticated attackers have eclipsed hackers as the largest threat to organisations, as protecting the amount of data in an organisation proves to be more challenging. Speaking at the Symantec Vision conference in Barcelona, Francis deSouza, senior vice president of the enterprise security group at Symantec, said that there are four key trends when it comes to the threat landscape: attackers; complex heterogeneous infrastructure; information explosion; and the increasing cost of a security breach.

He commented that it was clear from analysis of the Stuxnet worm that such a sophisticated threat was not written by casual hackers. He said: “This was written by a very sophisticated team that has deep skills that crossed a number of different areas and that invested a number of man years into creating this piece of malware.”

Looking at the first key trend, De Souza said: “The hackers have really changed over the past few years, four years ago I would have talked about the primary drivers were that hackers were trying to take down infrastructure. But today hackers have dropped out of the top three in terms of factors driving security attacks, the number one group driving security attacks today are the sophisticated attackers.

“Hackers have dropped to number four, number two and number three driving attacks today are actually insiders, the number two group are well-meaning insiders such as employees or contractors or customers who have legitimate access to a corporate network, but inadvertently do things that put an organisation at risk.

“The third group are actually malicious insiders who have legitimate access to the network but are actually deliberately stealing information. They are doing it because they are disgruntled, or have discovered a profit motive to be had in stealing corporate information.”

He went on to claim that the second big trend was around the infrastructure that organisations have to protect, specifically as sophisticated attackers use evolved attacks. He said that the techniques being used are very different from those of hackers, particularly with the emergence of ‘custom malware’ to create an attack.

He said: “Custom malware means that you have never seen that file before. Some of the old methods of doing security around signature-based security just won’t work because you will not have seen that file before so you will not have a signature for that file and will not be able to block it.”

He said that CIOs have more to protect in their environment than ever before, such as more equipment in the data centre, more endpoints and more people to protect because suppliers and contractors reach into the network.

“Also the amount of information that they have to protect is growing expedentially, almost across industries, organisations are telling us that the amount of information that they have to protect is doubling every two years, that is a massive amount of growth,” he said.

“In addition to the amount of information, they are realising that the amount of confidential information is growing. They are seeing an information explosion and more that they need to protect.”

Via SC Magazine

Childish Prank Is Now DoJ’s Nightmare

The U.S. Department of Justice said it may have been the most sophisticated computer fraud ever. For Viktor Pleshchuk, it was the chance to buy a brand new BMW and an apartment in his hometown of St. Petersburg.

The 29-year-old last month pleaded guilty to participating in a worldwide hacking scheme that led to the illegal withdrawal of more than $9 million from cash machines worldwide operated by RBS WorldPay Inc., the U.S. payment-processing division of Britain’s Royal Bank of Scotland Group Plc.

The conviction shed light on a growing trend from Russia. Just as President Dmitry Medvedev seeks to persuade investors his country is a safe place, more technology graduates are turning to cybercrime. The FBI last week charged 37 suspects from Russia, Ukraine and other eastern European countries of using a computer virus to hack into U.S. bank accounts.

“The number of hackers reflects how many good engineers we potentially have in this country,” Vladimir Dolgov, the president of Google Inc. in Russia, said in a Bloomberg Television interview in Moscow.

Russians committed more than 17,500 computer-related crimes last year, or 25 percent more than in 2008, according to the Interior Ministry’s latest statistics.

‘Childish Prank’

While cybercrime is proliferating, Russian laws against it were written in 1998, when hacking was often perceived as a “childish prank,” Boris Miroshnikov, the head of the ministry’s anti-cybercrime department, said in a report posted on the agency’s website.

A ministry spokeswoman said the department has advised Russian lawmakers to impose stiffer penalties on hackers. She declined to be identified, citing department policy.

“We are working on that, but so far we haven’t moved beyond discussions,” she said.

Businesses around the world lose more than $1 trillion in intellectual property due to data theft and cybercrime annually, according to a report in January 2009 by McAfee Inc., the technology security company based in Santa Clara, California.

Seeking to thwart the attacks, U.S. legislators in March proposed to use trade restrictions to penalize countries that provide safe haven to hackers.

Via Bloomberg