Worst cyber-crime is in US, Russia

As I blogged yesterday, the IP addresses attacking me trace back to a Netherlands hosting company called Ecatel Network.

ECATEL NETWORK

Ecatel has become notorious for hosting bad actors, from Russian spammers to pedophile networks. It also has a reputation for brushing off requests for help from the victims.

Trying to figure out what was going on, I did a bit of research into the world of cyber-crime.

AKAMAI REPORT – CHINA LEADS CYBER-CRIME?

The mainstream media likes to portray cyber-crime as essentially a foreign threat. China, especially, is fingered as the bad guy.

For instance, in January, US-based Akamai Technologies issued a report placing China at the head of global hacking, responsible for 35% of cyber-attacks world-wide.

More recently, the US government pressed cyber-warfare charges against five of China’s army officers.

Nigerian scamsters are rumored to run a close second.

There are two things wrong with this picture. The first is the source of the information.

Akamai Technologies is a “content-delivery network” headquartered in Cambridge, Massachusetts.

It was founded by an MIT applied math professor, Tom Leighton, and a graduate student at MIT, Daniel Lewin, later killed on AA flight 11, which crashed during the September 11, 2001 attack.

According to his MIT bio, Leighton is a specialist in cryptography, digital rights, and algorithms for network applications. He also chaired a Presidential committee on Cyber-Security.

Akamai’s co-founder, COO, and President was the founder of the Road-Runner cable service. Its CEO was a senior VP from IBM.

Akamai’s privacy policy states that it collects IP addresses and effectively tracks clients.

Its partners include Microsoft and Apple and its clients include the BBC, the White House, Facebook, Twitter, Adobe Systems, Netflix, Yahoo, ESPN Star (India), China Central Television and Al Jazeera, among many others.

How likely is it that reports from Akamai on cyber-crime are untouched by political pressure?

WORLD HOSTS REPORT – US, RUSSIA LEAD CYBER-CRIME

Point two. The statistics don’t support Akamai’s pious propaganda.

The Chinese do indeed have a very high number of IP addresses attached to their malicious activity. If sheer volume were the only criterion, China would dominate.

However, in terms of the number of malicious sites and the level of threat involved, the world’s leading cyber-criminals aren’t Chinese. Not even close.

They are in the US and in Russia, closely followed by smaller countries like the Netherlands, the Ukraine, and Romania.

In Host Exploit’s authoritative World Hosts Report of March 2013, five of the top twenty malware hosts were based in the US; four were in Russia, two each in the Netherlands, Germany, and the Ukraine.

Chinanet Backbone was the only host from China that made the top twenty.

What was especially interesting to me was to find the originator of the attacks on my computer, Ecatel Network, at the top of the list of the world’s leading hosts for malware.

Host Exploit also breaks down cyber-crime by country, with Russia leading the pack.

This is its list of the world’s top ten cyber-crime havens in 2013:

1. The Russian Federation (RU)

2. Belarus (BY)

3. Ukraine (UA)

4. The British Virgin Islands (VG)

5. The United States (US)

6. Romania (RO)

7. Netherlands (NL)

8. Poland (PL)

9. Turkey (TR)

10. Bulgaria (BG)

 

The Traitorware Among Us

Eva Galperin at EFF:

“Your digital camera may embed metadata into photographs with the camera’s serial number or your location. Your printer may be incorporating a secret code on every page it prints which could be used to identify the printer and potentially the person who used it. If Apple puts a particularly creepy patent it has recently applied for into use, you can look forward to a day when your iPhone may record your voice, take a picture of your location, record your heartbeat, and send that information back to the mothership.

This is traitorware: devices that act behind your back to betray your privacy.

Perhaps the most notable example of traitorware was the Sony rootkit. In 2005 Sony BMG produced CD’s which clandestinely installed a rootkit onto PC’s that provided administrative-level access to the users’ computer. The copy-protected music CD’s would surreptitiously install its DRM technology onto PC’s. Ostensibly, Sony was trying to prevent consumers from making multiple copies of their CD’s, but the software also rendered the CD incompatible with many CD-ROM players in PC’s, CD players in cars, and DVD players. Additionally, the software left a back door open on all infected PC’s which would give Sony, or any hacker familiar with the rootkit, control over the PC. And if a consumer should have the temerity to find the rootkit and try to remove the offending drivers, the software would execute code designed to disable the CD drive and trash the PC.

Traitorware is sometimes included in products with less obviously malicious intent. Printer dots were added to certain color laser printers as a forensics tool for law enforcement, where it could help authenticate documents or identify forgeries. Apple’s scary-sounding patent for the iPhone is meant to help locate and disable the phone if it is lost or stolen. Don’t let these good intentions fool you—software that hides itself from you while it gives your personal data away to a third party is dangerous and dishonest. As the Sony BMG rootkit demonstrates, it may even leave your device wide open to attacks from third parties.

Traitorware is not some science-fiction vision of the future. It is the present. Indeed, the Sony rootkit dates back to 2005. Apple’s patent application indicates that we are likely to see more traitorware on the horizon. When that happens, EFF will be there to fight it. We believe that your software and devices should not be a tool for gathering your personal data without your explicit consent.”