Friday 12th March 2010

Posts Tagged ‘hacker’

Gmail and Hotmail Targeted in Phishing Scheme

Monday, October 19th, 2009

Reports from the BBC suggest that Google’s Gmail and Microsoft’s Hotmail have been under siege from phishing attacks which have targeted thousands of service users in an industry-wide scheme.

Both Google and Microsoft have moved to stem any damage. Users of Yahoo and AOL email services were also hit.

The BBC stated that they were shown two lists which contained the names and passwords of 30,000 people who use Gmail, Hotmail, Yahoo and AOL email services. The lists were said to have been posted on the web for anyone to access.

Google told the BBC that only 500 of its customers had been named, although it said a third list was in existence, but declined to give numbers.

A Google spokesperson said:
“We recently became aware of an industry-wide phishing scheme through which hackers gained user credentials for web-based mail accounts including Gmail accounts.

“As soon as we learned of the attack, we forced password resets on the affected accounts. We will continue to force password resets on additional accounts when we become aware of them.”

Google appeared keen to highlight that the scheme did not actually breach Gmail security, but involved a none too uncommon scam which persuaded people to give away their personal information to cyber criminals.

A phishing scheme is one which usually involves bogus emails purporting to be from a bona fide organisation which invite recipients to send back their personal details, log-in usernames and secure passwords. And despite frequent warnings from the organisations themselves and computer security experts not to give away personal details to anyone, phishing attacks remain very successful in their simplicity and ruthlessness. Most are based on a good copy of a bona fide email and most introduce an element of bullying into their message: act now, or account will be closed down.

This particular scheme started when 10,000 Hotmail addresses were posted online at Pastebin, a website mostly used by developers to share code. But that was just the start, with a further 20,000 names being uploaded which contained e-mail addresses and passwords from Hotmail, Yahoo, AOL, Gmail and other service providers.

Although some of the details were old, or indeed fake, many were genuine.

A Microsoft spokesperson said:
“Our guidance to customers is to exercise extreme caution when opening unsolicited attachments and links from both known and unknown sources, and that they install and regularly update their anti-virus software.”

A person from Yahoo reiterated the rest, urging its customers to “… take measures to secure their accounts whenever possible, including changing their passwords…”

Computer security industry experts called for the providers to do more to educate their customers as regards the dangers of such phishing attacks.

Guest Article by Neil Camp


McAfee Identifies Most Dangerous and Safest Web searches

Monday, August 17th, 2009

The computer security giant McAfee has identified which Internet searches are most dangerous to computer safety and which are the safest.

McAfee’s report, entitled ‘The Web’s Most Dangerous Search Terms’ claimed that dangerous Internet searches include searching for things such as free music or screensavers. These search terms are used by cybercriminals to ensnare web users and lead them to their own websites.

Once a web surfer has visited one of these websites, they are vulnerable to downloads that infect their computer, such as spyware which can help reveal private bank details to hackers and other cybercriminals.

McAfee’s report also identifies that these dangerous search terms are changing with regard to the new global economic environment. With higher numbers of people being made redundant due to the economic slump affecting so many, cybercriminals are now using search results to target people looking to save money or find a job working at home.

Jeff Green, senior vice president of McAfee Product Development & Avert Labs said: “Cybercriminals are smart. Like sharks smelling blood in the water, hackers will create related Web sites laden with adware and malware whenever a particular topic increases in popularity. Unsuspecting consumers are then tricked into downloading malicious software that leads them to blindly hand over their personal assets to cybercriminals.”

The riskiest set of search words, according to McAfee’s report, includes variations of the keyword ‘screensavers’. The research concluded that nearly six out of the top 10 search results for the keyword ‘screensavers’ contained some form of malware.

The riskiest search of the 2,600 most popular keywords that McAfee researched was ‘lyrics’, with the risk factor rising to one in two.

The research concluded, however, that the word Viagra was one of the least risky of keywords. The keywords with the safest risk profile included search words related to health and the current economic climate.

McAfee’s report also indicated global variations on these risks. Many of these countries had keyword categories that ended up exposing web surfers to the higher risk sites. 12 countries were exposed to an overall higher risk than McAfee’s average, including Mexico and India. McAfee’s report therefore pointed to cybercriminals targeting those outside of the U.S.

McAfee gave caution to home workers and to those looking to save money: if a result contains the word ‘free’ it has a 21.3% chance of infecting a computer with spyware, spam, adware and other malicious cyber threats. The search ‘work from home’ is four times riskier than the average risk given for all popular terms.

McAfee SiteAdvisor technology has been designed to protect against these vulnerabilities. It rates every trafficked site on the Internet using automated tests. Web sites are ranked using coloured ratings, so that users know what they are clicking on. McAfee have also recently announced the Cybercrime Response Unit to help arm users against the threat.

Guest Article by Neil Camp


McAfee CEO Dave DeWalt at Fortune Brainstorm Tech

Monday, August 17th, 2009

Dave DeWalt, President and Chief Executive Officer of McAfee – one of the world’s leaders in computer security – presented at Fortune Brainstorm on a panel to discuss cybercriminology.

The Fortune Brainstorm Tech is a summit which every year brings together the top CEOs, pioneers and businesses to discuss issues and current events in the world of technology for three days in Pasadena, California.

Topics included why it is so hard for authorities or security companies such as McAfee to comprehensively catch online crooks. These range from the very real and dangerous threat to national security such as online terrorists, to the hackers trying to sabotage businesses, to the cyber criminals who endanger internet users’ private details as they bank and shop online.

This year at Fortune Brainstorm Tech, panellists such as McAfee’s Dave DeWalt discussed issues centred on the theme ‘Global Crises, Global Opportunity’. This reflects the inherent benefits of internet and technology despite the potential danger from cyber criminals.

Particular attention was given to how technology companies in all kinds of sectors and areas can survive and even flourish in the recession. The positive outlook for the technology industry continued, with leading figures in computer security and technology discussing how the industry can help lead the way as the world attempts to recover from the severe economic downturn of recent years.

The event was held on 24th July, 2009.

Guest Article by Neil Camp


South Koreans Point Finger at Northern Neighbours

Friday, August 14th, 2009

South Korea is coming under repeated attack from hackers and malicious viruses and is, unsurprisingly, pointing the finger at its northern neighbour.

Yet research into the attacks, which affected computers in the U.S. as well as South Korea and centre on web site outages (a server is deliberately swamped as people are directed by a virus into one site at the same time), shows that the five IP addresses used to deliver the virus did not originate from North Korea. Rather, they were based, ironically, in South Korea itself and the U.S., as well as Austria, Georgia and Germany.

South Korean and US officials quickly blocked the five sites, although it is believed that they were being controlled remotely from outside of the five countries. In effect, the creator of the virus was using zombie computers (those unknowingly controlled by a third party) to launch the attack. And the trail from the zombie computers could lead back to North Korea, say US experts.

But the five rogue IP addresses are the tip of the iceberg. South Korea has blocked a further 86 rogue addresses based in 16 countries. This is indeed worrying, but the actual damage caused has been minimal.

The attacks have been linked to other concerted attempts to crash and disrupt other major websites, including the Nasdaq Stock Exchange, the Pentagon, South Korea’s presidential Blue House and the White House.

South Korea’s intelligence agencies believe that their neighbours are to blame, but admit that this is based on technical reasons, as well as circumstantial evidence.

And North Korea is an unpopular state for many reasons, not least for its stance on nuclear missile tests and launches.

Unsurprisingly, the North Koreans have stayed tight lipped over the accusations, but a number of attacks on sites in the South, both governmental and private, continue apace.

But the South Koreans remained convinced that the North was behind the attacks. They highlight the fact that the North are bitterly opposed to a planned cyber warfare exercise between the South and the US. And the South believe that the North has created a special cyber warfare unit which has the main purpose of hacking into South Korean and US military networks.

Nearby Japan takes the threat seriously and is closely monitoring the situation, although no attacks have yet been reported.

Guest Article by Neil Camp


Michael Jackson Death Increases Spam

Saturday, July 18th, 2009

Cyber criminals are exploiting Michael Jackson’s death by spreading spam and viruses via bogus sympathy emails.

And grieving fans are amongst the worst victims. Computer security experts are warning everyone to be on their guard against such cynical attacks.

It took some hackers and spammers just hours to start launching cruel emails into the system. One example claimed to have up-to-date news of the 50-year-old mega-star’s progress in hospital, while others stated they had secret pictures and songs.

There were a number of subject lines in use, including ‘Remembering Michael Jackson’. Attachments included a ZIP file with the title ‘Michael songs and pictures.’

But once opened, many of these cynical emails deposited viruses and captured thousands of email addresses for further distribution of spam.

Computer security firms reported a massive rise in the spam right after news of Michael Jackson’s demise. They point out that the perpetrators have no respect for anyone and are just interested in making money and spreading trouble around the globe. They recommend zapping such emails immediately and never opening any accompanying attachments.

Another spam started the rounds later on, this time supposedly from Tamla Motown’s founder Berry Gordy. It promised a chance to win free copies of Michael Jackson CDs, but again proved to be bogus and dangerous.

Guest Article by Neil Camp


Ealing Hit By Computer Virus

Monday, June 1st, 2009

Following hot on the heels of a Welsh county council being struck by an unknown computer virus, comes news that London council Ealing has suffered a similar fate.

Welsh county council Powys was believed to have been struck down by two separate computer viruses in April. Council chiefs claimed damage was minimal and the mystery virus seemed only to hit Microsoft applications (including Word and Excel) and Adobe Flash software. Email was unaffected, although 500 staff were said to have complained about slow computers and slow surfing times.

Powys computer security chiefs pointed out that they were not alone in having to deal with such problems and that many government departments and official websites had been targeted by malicious hackers.

Ealing appeared to have a slightly different problem from that of Powys, with their telephone system being brought down, emails not working and the internet unobtainable.

Ealing customer services could not be reached by the internal telephone system and only staff direct numbers worked.

Fearing a major computer virus attack, council bosses decided to close down their whole computer system and make checks. The website became unavailable as technicians examined all of the council’s systems.

A spokesperson admitted that Ealing’s computers had been threatened by a computer virus and that the situation was contained by closing down the system and the threat removed. The spokesperson didn’t elucidate as to whether a virus had been discovered, or what kind it might have been. The spokesperson was also at pains to point out that the council has a comprehensive anti-virus software capability.

But, as with Powys, Ealing seems unsure as to the exact nature of the attack.

Guest Article by Neil Camp


Vulnerable PowerPoint Gets Patches Sewn In

Monday, May 18th, 2009

It’s been a well-publicised fact that Microsoft’s cornerstone application within Word, PowerPoint, has been vulnerable to attacks from hackers.

Microsoft has now plugged the problem with the release of key updates.

In a simple attack, hackers would exploit the flaws within PowerPoint by tricking users into opening a presentation and unknowingly downloading a malicious software programme contained within it. The mere act of opening it is enough to start the malware on its trip deep down inside a computer’s registry files.

From there, it bides its time, waiting for the installer to give it instructions based on what it finds. Once downloaded, the malicious software programme, known as a Trojan, gets set up for its first job. It tests the internet connection of the computer it is attacking by, ironically, linking with the Microsoft Windows update site.

Then, once the Trojan has linked up and tested the connection, it sends back to its originator key information, including the computer name, the IP address and the operating systems being run. It then examines the computer’s directories, identifies any significant information and also updates itself, or paves the way for further malware, depending on what it has found.

To counter the ease of PowerPoint being attacked, Microsoft has released a number of patches which help solve the problem, and they are applicable for all versions back to 2000.

But for Mac users with 2004 and 2008 versions, there is still no patch available. Mac users will have to watch until a patch has been developed. They will have to resist downloading unknown PowerPoint files.

Guest Article by Neil Camp


12 Million Infected Over Last Six Months

Monday, May 18th, 2009

According to a recent report, around 12 million computer users in the U.K. have been on the wrong end of a virus attack in the last six months.

Viruses come in many shapes and forms, but people are now getting used to the words worm, hacker, malware and spyware.

And the report bemoans the fact that despite there being acres of media coverage on malicious computer attacks, and there being a multitude of anti-virus products, so many people still continue to fall foul of the cybercriminals.

The report also questions why such attacks continue, given the fact that 95% of those questioned claim to use anti-virus software protection.

Worryingly, of those attacked, nearly 40% stated the attack caused a problem to their system, with 10% saying that a virus attack had made their computer unusable. And 5% said that they had personal information stolen.

Nearly 10% admitted that the attack had followed after a visit to an adult content website, which proved theories that many cybercriminals use such sites to attract the unwary.

And when it comes to virus attacks, it seems that men are more vulnerable than women. Some 27% of men were affected, as opposed to 21% of women. Not surprisingly, it was youngsters being caught more often than their elders. Of those under 20, nearly 40% had been affected by a virus.

The report highlighted that the latest worm scare to have worried computer security experts and users alike was Conficker. Also known as Downadup and Kido, this worm has infiltrated an estimated 15 million computers worldwide and turns them into slaves, or zombies. They then form part of a botnet which is under the control of the hacker, and can either be used to issue millions of spam emails, or steal information off the systems.

The zombie computer, once infected, is helpless as it comes under the control of the hacker. It opens the ‘back door’, allowing spyware and other malicious programmes to be downloaded deep into its systems. The user usually remains unaware of what is happening, especially as the worm stops the on-board anti-virus programme working.

Guest Article by Neil Camp


CISCO Infiltrated by Swede

Saturday, May 16th, 2009

Proving that all systems are vulnerable to cyber attacks is the report that a Swedish national managed to hack into the systems at software giant Cisco and steal their source code.

But that wasn’t the only thing that the Swede is meant to have hacked into.

In a number of allegations contained within a U.S. legal indictment, the Swede is also alleged to have penetrated various NASA systems.

The attacks on Cisco and NASA took place in May, 2004, when the Swede was just 16. Now aged 21, he faces legal action after an investigation by the FBI, U.S. Secret Service and the Swedish authorities singled him out as the culprit.

The Swede has apparently disappeared, but unless the charges were filed locally, the Swedish government does not extradite its citizens to the U.S. If he were to be sent across the pond, he could face ten years in prison and a fine of $250,000.

In 2005 he was fined $25,000 and ordered to pay damages for breaking into three separate universities and using their computers to launch a number of attacks, including those on Cisco.

What worried computer security experts was that with such a lot of Cisco source out in the cyber crime fraternity, the ability for hackers to penetrate various systems was dramatically increased.

Guest Article by Neil Camp


The Flight of the Virus

Thursday, May 14th, 2009

It’s comforting to think whilst your aircraft is in a stacking pattern over an international airport awaiting final approach, there’s a bunch of geeks out there trying to hack into air traffic control computers.

The durability of the U.K. air traffic control systems when it comes to fighting off hackers has been questioned on quite a few occasions, but it seems that the U.S. are a little more forthcoming when it comes to dishing out information on the threats involved.

A recent U.S. report given to the Federal Aviation Administration has highlighted critical vulnerabilities in the software of their systems and brought to light a large number of “cyber incidents” which could not be properly explained, or resolved.

The report was compiled by top accountants KPMG and the Office of the Inspector General for the U.S. Department of Transportation. It concluded that there were a total of 763 high risk security issues in key web servers. There were also a further 3,000 other security issues, including incorrectly patched software, vulnerable software sections and web applications that had not been correctly configured.

What this translates to is a major risk of unauthorised access by hackers into FAA systems that control vital data and also air traffic control systems. The engineers behind the report actually used their findings to demonstrate the lax security by launching their own attack and gaining access to the Traffic Control Management System, a control tower and a weather system.

Hackers have hit the FAA systems a number of times, one of the worst coming in 2008 when they targeted the domain controllers which could have disrupted the ATC mission support network.

The FAA of course is not alone in being accused of a relaxed attitude to cyber attacks. President Obama has pledged a general review and improvement across many U.S. government departments as doubts were voiced over their ability to withstand hackers.

The report came up with a number of key recommendations, including enhancing intrusion detection systems, tightening up security on web applications and improving the implementation of software patches.

Accepting the main thrust of the report, the FAA did say in mitigation that the air-control systems are not connected to either the administration systems (where the main vulnerabilities are found), or the internet.

Guest Article by Neil Camp



The Editor

My name is Alan Potts and I'm the Editor of the Antivirus-BUYability web site and Managing Director of BUYability Limited.


© BUYability