IT Security Blog

Confidential UK Home Office Disk Found in Laptop Bought from eBay

By

lapcd.JPGIn another addition to the UK government’s growing list of information security blunders, a data CD which was found labeled as coming form the UK Government’s Home Office Branch, was found lodged inside a laptop bought over the internet from eBay. Yes, bought online which at first was kind of funny for the laptop engineers who handled the device after it was brought in by a customer for repairs. The un-named customer apparently won the online bidding for the laptop and took it for repair to Leapfrog computers for repairs. The technicians found the disk crammed in between the keyboard panel and the main board and thought of it trivially till they read the words, “Home Office Confidential”. The seriousness of the situation arose when technicians found the laptop hard drive and the disk itself to be encrypted rendering the information stored within it un-readable. They immediately called the police which dispatched anti-terrorism units to recover the government laptop and took it to the Greater Manchester Police Headquarters for safe keeping.

These types of incidents are not unusual which began last year when on Nov 20, 25 million people and 7.2 million families had gone missing which had information such as names, addresses, dates of birth, child benefit numbers, national insurance numbers and bank and social security details. The Department of the Environment on the 11th of December, lost two computer disks containing names and addresses of 7,685 learner Northern Ireland motorists. On the same day, confidential information regarding dozens of prisoners/inmates released to private businesses. On Dec 11, a company union claimed that personal information of hundreds of members were sent to four companies by health authority employers. Unite said Sefton Primary Care Trust released data including names, dates of birth, salary, pension and national insurance numbers of 1,800 employees. On Dec 18, records of 3 million learner drivers’ information were lost when a hard disk which was sent to the US for maintenance was lost during processing. The HM Revenue and Customs Service lost 6,500 customers of private pension firms were lost contained within a computer cartridge. The NHS trust, lost patient information of 168,000 people and lastly, the Police records from Devon and Cornwall were found in a dump by a man looking for spare parts for computers who was going through scrap equipment.

Such incidents are alarming and very dangerous for some of the lost information were not even encrypted. The one they found within the laptop was encrypted but given time, a computer expert with no good intentions could theoretically have broken the code exposing sensitive information into the unknown. These are some of the ones that are publicly known and as it shows, the UK Government might want to shore up it’s strategy of safeguarding information for the public and it’s own sake.

Trojan Hits Windows Mobile

By

pocketpc.jpgMcAfee, one of the industry’s leading software developers of anti-virus software have through its Avert Labs has discovered a new Trojan that infects WindowsCE which was developed for the Microsoft PocketPCs. The Trojan, disables data and network security rendering it useless and can be installed via memory card. The Trojan has the nasty ability to defy removal through software methods with the exception of a total re-format and re-installation of the applications and OS from a secure and safe source. Infected users are also asked not to use flash drives or memory sticks with saved data for they can also contain the code which spreads the trojan.The Trojan was discovered in China and makes itself the home page of the heavily reliant PocketPCs on the web. Information regarding the device, serial number and other personal information are then sent to the author of the Trojan leaving it open to future attacks and installation of malware due to security that has been turned off by the said Trojan.

The Trojan has been found contained snugly within legitimate installers and Asia being one of the fastest growing areas for mobile devices it would only take a little time before the said Trojan aptly named InfoJack spreads and wreaks havoc on Asia’s growing mobile PC community. The US-CERT or Computer Emergency Readiness Team has already taken notice of the said Trojan and is closely monitoring for further developments. Them along with anti-virus developers are currently developing methods of defeating the perpetrator and hopefully also capture the crook who designed the said malware.

‘Link Hack’ points MySpace users to malicious Phishing site

By

myspace.jpgTo think the attacks over the internet would end, users of MySpace have been hit by a termed “Link Hack” which was discovered and is being studied by Websense which found the hack to re-direct the parsing process from the MySpace profile page, to the malicious site them back to the said legit page. The hack allows malicious code to be attached to all aspects of the MySpace page (such as the View Pictures, View Profile and other such legitimate functions that are normally used on the social networking site but instead of doing the requested operation, the user is re-directed to another site which prompts the user to click the back button or try to figure out what the hell just happened with the malicious phishing site getting all the info it needs and the cycle continues again and again.

The hijack process comes in stages and all the while the misguided clicks always execute a piece of JavaScript which re-directs the user to a page that seems to be the MySpace site but actually isn’t. The problem has seemingly dropped traffic due to the shutting down by the phishing site. Websense has informed the MySpace people regarding the matter and they are surely taking action to provide measures to ensure the privacy (which may be next to impossible to such open sites) of their subscribers. Symantec has also raised the alarm and has released information that can help users avert the disclosure of personal information to the said phishing site. MySpace has also identified several individuals who might be involved in the attack and have suspended their accounts as they continue to investigate the actions of these errant users and what part they had with the attach on the social networking site.

Google’s Orkut Social Networking Site – Hit by Trojan

By

orkut.jpgIn the endless fight for IT security in the vulnerable internet, even Google’s Orkut has been hit by a self-propagating Trojan which is currently being studied for a possible cure to remove it from the wild. The Trojan works when the creators get information and send messages with links that prompts users to install a newer version of the flash player program. The user is greeted by a pop-up window that tells the user an installation of a newer version of software being used is in need of download and subsequent update. The program downloads a seemingly legal copy of the software installer which in turn begins to unload it’s payload of malicious code and propagates by sending more messages with the addresses that are tagged as friends in the victim user’s address book. So far, the pop-up message that promotes the spread of the Trojan is only in Portuguese which has been seen only in Brazil and with a few in India, but the security experts at Symantec are worried that an evolved version can unload more malicious code that can do more damage to the millions of users on the web, even cause another cascading slowing down of the internet as a whole if these Trojans begin to overload vital internet hubs forcing them to shut-down due to the infinite requests for direction which it would be unable to handle. Google has been warned by Symantec which has yet to release a reply to that warning. Symantec and many other industry leaders in the development of virus/,alware removal software have predicted the rise in attacks that would take effect this year as more and more people get onto the social network bandwagon making the world a smaller place but at the same time opening previously shut doors ripe for attack fromt the ever changing face of malware.

Encrypted Hard Disks – Data Secure —Naaaahhhh!!!!

By

notsosecure.jpgAs the evolution of the lowly hard drive goes with the increase of storage capacity into the terabyte range and hardware based-encryption it seems that data cannot be more secure once it is stored within the said hard disk. Well, according to WindowsIt Pro, not totally for based on their testing of several hard drives that come as wireless removable storage devices you connect to your USB 2.0 ports, it ain’t that secure after all. The device/s tested was even secured by a wireless security key that used rfid technology to unlock the drive for use by authorized users only (which in the real world is anyone who has the keychain key).
The name and brand which we would not name for obvious reasons have indeed admitted the weakness and that the advertised capability of the drive was wrong. As it turns out, the true 128-bit AES security system was used only by the RF chip and the controller on the drive which was easily defeated by removing the drive from the case and connecting to a now standard SATA drive connector. The drive was encrypted, but not at the ‘military grade’ levels that were advertised for the encryption chip used only a basic encryption level which was not up to par with accepted high-encryption standards.

Both the manufacturers of the controller boards, casing and key, have acknowledged the flaw and promise a more robust system (which is to use a more secure encryption chip that is said to come out this year but is still only in development) by the end of the year. So we guess the false advertising with regards to the encryption standard of the drives should be changed from ‘Strong 128-bit AES encryption’ to ‘standard encryption’, which would only be fair for people do make choices based on the products qualities and capabilities.

Microsoft Opening Doors…. What Gives?

By

microsecrets.jpgNews that Microsoft, the world’s largest software developer, is going to disclose some of their so-called proprietary/secret software technology to competitors is sending chills down the spine of many IT industry leaders. This comes after the company suffered a blow when Yahoo.com rejected their bid to buy a majority of shares from the internet search engine giant. Yahoo might have been in the rut for sometime, but they are still one of the most used search engines on the planet making them an ideal target for the IT giant.

The news comes as a surprise as Microsoft has always worked hard to prevent technology in terms of software design and other inter-operability technologies between their operating systems like XP and Vista, the Office Family and many other software products that have managed to keep the lead in terms of the number of installations. Being the most recognizable IT firm (and even the most hated by some), Microsoft has managed to come out of many problems such as the well criticized and publicized flop of their Vista SP1 which many saw as just another way for the firm to say they care for their customers. People who have the Service pack were not at all pleased with it saying thatit was not as they expected (maybe referring to the milestones they came over when they did the same for XP with SP1 and SP2). This leaves a sour taste in the mouths of prospective users still with XP that the upgrades and improvements will be not as significant as they had hoped for.

Microsoft has been in the spotlight before but not as a company who regularly shares details about its products. The step might be a step in the right direction or it may just prove to be a testing of the waters for the software giant. Time will tell if the information they do disclose would benefit competitors or as others have said, it might just be another try to get people hooked on their technology, taking them down as a whole (hook, line and sinker) into the world of Microsoft.