Risk Factor

IT Hiccups of the Week: Expect Problems with New Medicaid System New Hampshire Warns

Last week was a relatively quiet week on the IT-related snag, snarl and uff da front. But it seems no one can roll out a new Medicaid system without IT problems, as many of New Hampshire's 10 000 Medicaid providers are likely to unhappily learn, beginning today.

New Hampshire Government Officials Say Expect Problems Today With Its New Medicaid System

At least no one can say they weren’t warned.

“No one is under the illusion that we won't have problems… It's not going to be perfect. We know that there are a number of issues we have with this. We want to make sure we have a full understanding of what those issues are.”

Those presentiments come courtesy of New Hampshire’s Health and Human Services Commissioner Nick Toumpas, quoted in the New Hampshire Union Leader last week when he told the state’s Executive Council and the Union Leader what to expect when the state's long-delayed new US $90 million Medicaid Management Information System (MMIS) goes live today, 1 April.

The new MMIS system contract was originally let in December 2005 to Affiliated Computer Services (which was acquired by Xerox in 2010). The total contract cost, New Hampshire Watchdog.org states, was for $60 million: “$26 million for the design phase, and $34 million for the full five-year operational phase.” The design phase was supposed to be complete by the end of 2007, and operations were scheduled to begin on 1 January 2008.

The Union Leader reports that the MMIS design “has been modified at least five times, with the Executive Council repeatedly voting to extend the contract after Xerox missed eight deadlines over the six-year period.” According to the paper, the design changes and delays were caused by additional state and federal system requirements, as well as by contractor implementation problems.

New Hampshire has been paying EDS (now owned by HP), the until-today current MMIS system developer and operator—and losing bidder to ACS—some $8 million a year to keep the legacy system operational.

Toumpas told the Executive Council to expect angry phone calls from many of the state's 10 000 Medicaid providers saying that they were having problems with the new MMIS since there were known defects that haven’t been corrected yet. He also said there may be “calls from people about a defect we haven't anticipated yet,” as well. Toumpas said that Xerox had beefed up its response team in anticipation of the expected complaints.

I’ll let you know next week whether the anticipated errors were minor or major. If the recent experiences of other states like Florida, Idaho and Ohio are any indication, the latter is more likely than the former.

Drone Manufacturers Whine That They Are Misunderstood

The AP published a story today about how drone manufacturers are worried about the growing “privacy backlash” in the United States concerning the prospect of swarms of government and private UAVs taking to the air once the U.S. Federal Aviation Administration works out how to let them fly safely in U.S. airspace. The agency intends to have the rules worked out by 2015.

The manufacturers, says the AP, are worried that the FAA will dawdle in its rule making and thus allow politicians, privacy advocates, and others who worry that drones will be abused the time to place what the manufacturers consider to be unnecessary barriers to their use. They are worried that their $6 billion in expected sales to law enforcement and public safety agencies might be negatively impacted, especially with military contracts shrinking.

Apparently, in the manufacturers’ minds, those who “fear … the technology will be misused” just need to be re-educated about its life-saving benefits. The AP story quotes a UAV support services supply company CEO as saying, “Our lack of success in educating the public about unmanned aircraft is coming back to bite us,” while a drone manufacturer is quoted as saying, “Any legislation that restricts the use of this kind of capability to serve the public is putting the public at risk.” The story also quotes the executive director of the Airborne Law Enforcement Association as saying that UAVs “clearly have so much potential for saving lives, and it’s a darn shame we’re having to go through this right now. It’s frustrating.”

Yep, we need drones everywhere for the children’s sake.

If it wasn’t for those loud, pesky politicians like Rep. Ed Markey, D‐Mass., co‐chairman of the House Bipartisan Congressional Privacy Caucus, who introduced updated legislation last week to among other things (pdf), require the FAA to “not issue drone licenses unless the application includes a data collection statement that explains who will operate the drone, where the drone will be flown, what kind of data will be collected, how that data will be used, whether the information will be sold to third parties, and the period for which the information will be retained” as well as require “law enforcement agencies and their contractors and subcontractors [to] include an additional data minimization statement that explains how they will minimize the collection and retention of data unrelated to the investigation of a crime,” those drones could be out saving lives right now.

Well, maybe once New York City Mayor Bloomberg’s term ends, the drone manufacturers can hire him as their spokesperson to educate Americans on how, as one drone manufacturer told the AP, “the benefits of these solutions (drones) … far outweigh the concerns.” Bloomberg said last week that drones are coming no matter what and, as a consequence, that Americans are just going to have to learn to live with “more visibility and less privacy.” Just think of them as merely roaming security cameras in the sky, he suggested.

There, don’t you feel safer already?

Photo: Erik Simonsen/Getty Images

This Week in Cybercrime: “Anonymized” Cellphone Tracking Data is Pure Fiction

Anonymizing Cellphone Tracking Data Doesn’t Work

Earlier this month, we highlighted a Data Center of China Internet (DCCI) report revealing that up-to-the-minute information on where people are is becoming a big quarry for cybercriminals. Though that report focused on thieves using malware-laced apps to acquire the location data, researchers from MIT and the Universite Catholique de Louvain in Belgium recently found that anonymized mobile phone location data—the kind that police and other legal authorities might demand from a wireless carrier—can easily be used to home in on the identity of a single cellphone user. The American and Belgian team, which looked at 15 months of anonymized mobile phone data for about 1.5 million European users, found that they could identify 95 percent of them from just four data points. The data points are generated when handsets periodically connect to nearby cell towers as their users move and when the users make and receive calls and text messages. What’s worse from a privacy standpoint? About half of the users could be identified using only two data points. In a paper published this week in Nature Scientific Reports, the researchers note that:

"We show that the uniqueness of human mobility traces is high, thereby emphasizing the importance of the idiosyncrasy of human movements for individual privacy. Indeed, this uniqueness means that little outside information is needed to re-identify the trace of a targeted individual even in a sparse, large-scale, and coarse mobility dataset. Given the amount of information that can be inferred from mobility data, as well as the potentially large number of simply anonymized mobility datasets available, this is a growing concern."

The concern is warranted because governments including the United States have radically increased their snooping activities. For example, the FBI has gone hog wild issuing so-called National Security Letters (NSLs), which compel businesses such as wireless carriers and Internet service providers to turn over information without a warrant. In 2011, the FBI sent out more than 16 000 NSLs.

The researchers conclude that, “Going forward, the importance of location data will only increase and knowing the bounds of individual's privacy will be crucial in the design of both future policies and information technologies.”
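The uniqueness measure described above can be computed directly on a location dataset before it is released. The following Python sketch is an added example, not code from the researchers or from this article: the pseudonymous traces, tower names and region map are constructed, and the coarsening step goes beyond what the article describes.

```python
from fractions import Fraction
from itertools import combinations

# Constructed sample data: pseudonymous user id -> set of
# (cell tower, hour of day) points. No names are stored, yet the
# traces themselves can still single a user out.
TRACES = {
    "u1": {("A", 8), ("B", 9), ("C", 18), ("D", 20)},
    "u2": {("A", 8), ("B", 9), ("C", 18), ("E", 21)},
    "u3": {("A", 8), ("F", 12), ("C", 18), ("G", 22)},
    "u4": {("H", 7), ("B", 9), ("I", 13), ("D", 20)},
}

# Hypothetical mapping of towers to larger regions, used for coarsening.
REGIONS = {
    "A": "north", "B": "north", "H": "north",
    "C": "south", "D": "south", "E": "south",
    "F": "east", "G": "east", "I": "east",
}


def matching_users(traces, known_points):
    """Count the users whose trace contains every known point."""
    return sum(1 for trace in traces.values() if trace.issuperset(known_points))


def unicity(traces, k):
    """Average probability that k points drawn from a user's own trace
    match that user and nobody else in the dataset.

    Computed exactly by enumerating every k-point combination, which is
    feasible for an audit sample; large datasets would sample instead.
    Users with fewer than k points are skipped.
    """
    per_user = []
    for trace in traces.values():
        if len(trace) < k:
            continue
        combos = list(combinations(sorted(trace), k))
        unique = sum(1 for c in combos if matching_users(traces, c) == 1)
        per_user.append(Fraction(unique, len(combos)))
    if not per_user:
        return Fraction(0)
    return sum(per_user) / len(per_user)


def coarsen(traces, regions, hours_per_bucket):
    """Reduce spatial and temporal resolution: towers become regions,
    hours become buckets of the given width."""
    return {
        user: {(regions[tower], hour // hours_per_bucket) for tower, hour in trace}
        for user, trace in traces.items()
    }


if __name__ == "__main__":
    for k in range(1, 5):
        print(f"k={k}: unicity of raw traces = {float(unicity(TRACES, k)):.4f}")
    coarse = coarsen(TRACES, REGIONS, 12)
    print(f"k=2: unicity after coarsening = {float(unicity(coarse, 2)):.4f}")
```

A data holder can run this kind of check on a release candidate and compare the score before and after coarsening; a high score at small k means that removing names has not made the records anonymous.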

Divers Caught Cutting Internet Backbone Cable

What’s the least sophisticated, but probably the most foolproof, way to cut off a country’s Internet traffic? Literally cutting it by severing undersea Internet cables. That’s what the Egyptian navy caught three scuba divers doing in the waters 750 meters off the port city of Alexandria on Wednesday. The cable they were going after was the 18 000-kilometer-long South East Asia–Middle East–Western Europe 4 (SEA-ME-WE 4) line, the Internet backbone that carries data between Europe, Africa, the Indian subcontinent, and Malaysia and Singapore in southeast Asia.

Internet service in Egypt had already been off since 22 March, supposedly because a passing ship damaged a separate cable. The trio, who approached “hacking” from a different angle than usual, took to the water a day before repairs to the other cable were expected to be completed and service restored.

The effects of the ship taking out that cable were experienced as far away as Pakistan and India, Jim Cowie, chief technology officer at Renesys, a network security firm, told the Associated Press. Cowie noted that a severed cable can force wide scale data rerouting, with some of the packets traveling the long way around the world.

Ship anchors and propellers have been blamed for serious cable breakages in the Mediterranean that affected northern Africa. Perhaps this incident will cause investigators to cast a more jaundiced eye in future cases.

Illustration: TeleGeography

Internet Spam Fighter Weathers Massive Attack

Imagine this: a band of criminals imperils a city by putting its police precincts under siege to the point that the police are so busy protecting themselves that they are incapable of doing anything else. Something analogous was just narrowly avoided on the Internet, when anti-spam watchdog Spamhaus came under the largest denial-of-service attack ever recorded. Spamhaus, which helps keep e-mail inboxes free from come-ons hawking male enhancement pills, low-interest loans, and foreclosed properties, was reportedly in the crosshairs of spammers angry about being added to Spamhaus’ blacklists, which make it more challenging to ply their illicit trade.

The attacks, which threatened to knock the not-for-profit Web guardian’s site offline, were a bit of evil genius, using a quirk in the way the Internet works to water Spamhaus’ plants with a fire hose. On 18 March, the attackers began employing a distributed denial of service (DDoS) technique known as DNS reflection. It’s designed to overwhelm a site after the attacker sends simultaneous information requests to thousands of servers with source addresses spoofed so that responses to the DNS queries are all routed to the victim’s servers. In this case, Spamhaus’ servers were being force fed more than 300 gigabits per second, says San Francisco-based CloudFlare.

Spamhaus retained the services of CloudFlare, which specializes in deflecting unwanted Internet traffic away from companies’ servers, to keep its sites from being crushed under the weight of the incoming data deluge. For the sake of comparison, Dan Holden, director of security research at Arbor Networks, told the Wall Street Journal that, “Up until this, the largest attack we had seen was a 100-gigabit attack in 2010 [targeting a U.S. bank] and an 80-gigabit attack in 2012.”

“It is a small miracle that we're still online,” Spamhaus researcher Vincent Hanna told the Journal.

Holden also noted that the attack against Spamhaus caused collateral damage across the Web because some servers along the paths between Spamhaus and the servers that were queried to set off the data tsunami were overwhelmed by the volume of data they had to handle.

But as of this morning, reports are coming in that the attackers—probably frustrated that their best shots failed to put Spamhaus down for the count—have retreated to their corner, probably to plot some more. According to a BBC report, Spamhaus accused Cyberbunker, a Dutch Web-hosting company, of being the brains of the operation. Meanwhile, the BBC reports on the unverified claims of a man who said he was in contact with the attackers. Acting as their mouthpiece, he explained their rationale: "[Spamhaus abuses its] position not to stop spam but to exercise censorship without a court order."

Spamhaus’ Hanna disputed that claim, telling the Journal that, "We have 1.7 billion people who watch over our shoulder. If we start blocking emails that they want, they will obviously stop using us."

IT Hiccups of the Week: Red Bull Racing Gets Apology from McLaren Over ECU Software Issues

Last week produced another potpourri of IT-related snags, snarls and snafus. We start off this week with a software issue that impacted Formula One's kick-off race in Australia.

McLaren Apologizes for Software Issue in its ECU

McLaren Electronics Systems, which supplies all the Electronic Control Units (ECU) for Formula 1 racing teams (as well as for NASCAR and IndyCar), apologized last week to the Infiniti Red Bull Racing team for a software problem that affected driver Mark Webber’s car at the start of the Australian Grand Prix on 17 March, AutoWeek reported. The ECU, which McLaren says [in an entertaining Sky Sports video] is the “brains of the car,” controls the engine, clutch, gearbox, differential, fuel system and the drag reduction system, and provides critical performance telemetry to the racing crew.

This year, McLaren introduced an upgraded ECU in anticipation of the turbo V6 engine to be used starting in the 2014 season; that engine, racing officials hope, will draw fans back to Formula One racing. However, in February’s preseason winter testing in Barcelona, several racing teams were bedeviled by software “glitches” that resulted in problems such as the loss of communications between race cars and racing crews and malfunctioning of the cars’ kinetic energy recovery systems (KERS). The problems were so severe that McLaren reportedly had to revert for a time to the previous ECU software version, which has apparently worked reliably since it was introduced in 2008.

McLaren was confident enough that it had fixed the preseason ECU problems that the new software version was used for the inaugural Formula One Grand Prix race in Melbourne. While no problems were discovered during pre-race qualifying, at the beginning of the race, the second fastest qualifying car, driven by Webber, experienced an ECU problem that cut the Red Bull Racing team's ability to monitor the car and shut down the car’s KERS system. The team was forced to reset the system, which cost Webber valuable time. The KERS system wasn't restored to full functionality until lap 20.

This Week in Cybercrime: What Do We Know about the South Korean Cyberattack?

Clues But No Conclusive Evidence

What do we know about this week's cyber-attack on South Korean broadcasters and banks? We know that it was a coordinated attack that hit roughly 32 000 computers on 20 March at 2pm local time. We know that it took several hours to restore online banking services for Nonghyup Bank and two other banks and to get the companies’ ATMs up and running. And although TV broadcasts by YTN, a 24-hour news channel, and two other networks were not affected by the attack, the networks’ computer servers may have suffered severe damage. Researchers have also figured out that the malware was programmed so that when the clock struck two, it would disable a machine’s security software, determine which version of Windows its host was running, and begin corrupting the hard drive. According to researchers at FireEye, the malicious code then overwrote all the hard drive contents. After wiping the hard drives and master boot record, the program forced a reboot that turned the computers into high-tech paperweights. According to a Wired article, the malware “also included a module for deleting data from remote Linux machines. The malware searched for remote connections and used stored credentials to access Linux servers and wipe their master boot record.”

Another piece of the puzzle, provided by security firm Trend Micro, indicates that its researchers detected a phishing email sent to South Korean organizations on the day before the attack. That come-on, ostensibly from a bank, had an attachment laced with a Trojan. This leads Trend Micro to think that the hackers had taken advantage of their own form of just-in-time delivery.

What we don’t know for sure is where the attack originated. The knee-jerk conclusion most observers jumped to is that North Korea had begun to make good on the threats it had been issuing since it was hit with UN sanctions following a nuclear test in February. It wasn’t long before China became the focus of suspicion. But as investigators dug deeper, South Korean government officials who initially said they traced the attack to a Chinese IP address had to admit a certain level of uncertainty. The IP address turned out to be one used internally by NongHyup Bank, one of the victims of the attack. South Korea’s Communications Commission said it belatedly discovered that by a freak coincidence, the address matched one registered in China. But South Korea still hasn’t taken North Korea off its list of suspects because this wouldn’t be the first time its neighbor to the north targeted the country’s media, banks, and government agencies. Seoul is still smarting from the so-called “Ten Days of Rain,” a 2011 denial of service attack for which it blames the Pyongyang government; the attack is said to have been an elaborate scan of South Korea's computer defenses.

Computer Technology Impact on 2013 Society as Predicted in 1962 and 1988

I am always on the lookout for stories featuring past predictions of the future impacts of technology on society and how closely they mirrored reality. So I was quite happy to find a couple of recent articles, one in BusinessWeek and the other in the LA Times, discussing technology predictions made by the CIA in 1962 and by a group of futurologists in 1988.

The CIA predictions involved a speculative piece, recently released, concerning how computers might impact future U.S. intelligence gathering, data processing and analysis. The paper, written by CIA analyst Orrin Clotworthy and entitled “Some Far-out Thoughts on Computers,” was originally published in the agency’s Studies in Intelligence in 1962. In his paper, Clotworthy wrote that there was “rising optimism” to think that behavioral scientists would someday be able to use computers “to foretell the behavior of large groups of people within reasonable limits, given accurate and timely measures of certain telltale factors.”

Clotworthy also speculates that computers could be programmed by the year 2000 to perform as a “stand-in brain” that could test out different scenarios and make predictions of the behaviors of foreign leaders. He goes on to note that while storage of the information needed for such a “stand-in brain” might pose a difficult problem, all the data required could be “obtained with relative ease.”

Makes one think about how much access the CIA had to personal, corporate and governmental data domestic and foreign back then. As a side note, Reuters reported two weeks ago that the Obama Administration is drawing up plans to allow “all U.S. spy agencies full access to a massive database that contains financial data on American citizens and others who bank in the country.”

IT Hiccups of the Week: Hundreds of Thousands Hit By U.S. Tax Filing Glitches

We had another interesting mixture of IT-related glitches, snarls, and snafus to choose from last week. We start off with U.S. taxpayers who will be waiting for their tax refund checks a bit longer than expected because of problems with some companies’ tax software products.

H&R Block and Other Tax Software Product Problems Delay Tax Refunds for Over 600 000

According to several news reports, H&R Block, one of the world's largest tax services providers, which files about 1 in 7 U.S. tax returns, announced on its blog that there was “a disconnect in the transmission of form 8863 from our delivery system to the IRS [Internal Revenue Service] E-file system”. That disconnect caused a delay in its customers getting their tax refunds. Federal Form 8863 (American Opportunity and Lifetime Learning Credits) is used to claim two higher education credits. Over 600 000 H&R Block customers who had their forms filed between 14 February and 22 February are said to be affected, a story at the Washington Post reports.

Part of the problem lay with the IRS – or more specifically actions by the U.S. Congress – which delayed this year’s filing period and required changes to Form 8863. Both actions apparently caught H&R Block and “a limited number of software company” product developers off-guard, the IRS said. The tax software problems have reportedly been fixed, but refunds might be delayed by up to 8 weeks in some cases.

In another problem, about 10 days ago, Minnesota tax officials said that anyone using Intuit’s TurboTax software to file their state tax returns could be filing erroneous tax returns. At first, Intuit downplayed the errors claiming that they affected only non-obligatory tax issues such as donating $5 to a political party, but state officials countered last Monday by saying that there were about a dozen problems with the TurboTax software, most affecting tax computations, Minnesota Public Radio (MPR) reported.

Within a few days of the state's announcement, Intuit claimed that its tax software was fixed and said that only 10 000 filers were affected. However, state tax officials told MPR that as of Friday, “it still isn't sure flaws in Intuit's TurboTax tax preparation software have been fixed.” The state is still telling residents not to use TurboTax until it has fully tested out the software. It also said that some 14 000 tax returns using the software have been found to contain software-related errors.

Intuit says that it “will issue refunds to affected Minnesota state TurboTax customers for the full amount of their tax preparation fees.” Somehow, I don't think that will appease many filers who will now need to file amended returns.

Billing Problems Affect 145 000 Customers of EnergyAustralia

The Australian reported last week that problems with the introduction of EnergyAustralia's new IBM-developed billing system have meant that some 145 000 customers have not been billed for their electricity or gas usage on time, including 21 000 that have not been billed at all. The Australian says errors in the new billing system are apparently higher than anyone expected.

The Australian quotes a source as saying, “The backlog is caused by IBM middleware (software) unable to handle sales files sent by third parties such as distributors. Due to inadequate validity checking, errors are created and the IBM team in India is woefully undermanned to handle the workload. These errors have to be manually fixed, which has resulted in a growth in the backlog.”

EnergyAustralia acknowledges the system is undergoing “teething problems” and that IBM has doubled its support staff to handle the problems. The energy company also insists, however, that it’s only a “small number of customers who haven’t had the best experience.”

EnergyAustralia has about 1.25 million residential and business customers.

Montreal Métro System Shuts Down

Last Wednesday, as feared, all four lines of Montreal’s Métro System shut down completely over the lunch hour because of a known software problem in a critical main computer system server. According to a story in the Montreal Gazette, a series of Métro System shut-downs early last summer revealed that there was an “unstable server” which is “part of the main computer system used to operate the métro.” The server is used to send and receive information from “most of the systems in the métro,” Montreal’s transit agency officials stated.

A software patch was installed last July, but métro engineers determined in October that a “more complex patch” was required. The patch has been under development since then and is scheduled to be installed late this month or early in April.

However, on Wednesday morning, engineers noticed that the server’s software was becoming unstable again and was passing “bad data” to the main computer system. The engineers planned a controlled shutdown of the métro a little after noon for about 10 minutes in order to go to the back-up system. Unfortunately, the métro’s main computer system shut itself down before the engineers did as the “server gave bad data to the system and saturated the memory” of the computer. This uncontrolled shutdown complicated things, transit agency officials said.

It took over an hour to finally restore service.

Montreal’s transit agency officials apologized once again to métro riders, who have suffered outages in January and February as well. Agency officials promise the system will be better once the new software patch is put into place.

Yet Another Tesco Pricing Glitch

Given their regularity, it almost seems that U.K. retailer Tesco is deliberately creating pricing glitches to attract customers to its stores. As reported by the Telegraph, the latest pricing glitch “allowed shoppers to buy one product and get three free on 500g packs of I Can't Believe It's Not Butter (ICBNB) and multipacks of Danone Onykos yogurts.” According to the Telegraph, the pricing error worked both in the store and on-line. One shopper claimed to have paid just £9 for yogurt worth £133.

A Tesco spokesperson said that it was supposed to “be a simple buy one get one free offer” but an “IT error” was responsible for the unintended “unbeatable value.”

Last month, another Tesco pricing error showed up on in-store ads in relation to Thorntons Premium Collection Chocolates. Here, however, the error turned a 50-percent-off deal on a £7 box into a final price of £7.35 a box.

You win some, you lose some.

Woman Arrested After Spending Money Due to Pay Error

There was a story from radio station WTAQ Wisconsin about a woman in Wisconsin being arrested for spending some $10 000 paid to her by mistake by her former employer.

According to WTAQ, the woman worked for the Stein Garden Center in the City of Oconomowoc and normally earned $8.25 an hour for her labors. However, a computer error changed it to $88.25 an hour. Apparently, on receiving a windfall of $10 000, she decided to quit her job rather than tell her employer of the error.

About a month after she quit, her employer found the error and wanted the money back. The woman allegedly told the company she didn’t know anything about an error in her pay. When a police detective was called in to investigate, she then told him that she “thought the money had come from her aunt and she had already spent it on a new roof for her home.”

She later acknowledged receiving the money in error, but said that “she had no intention of repaying it” since “it was the company’s mistake – not hers.”

The woman was charged, I assume with felony theft, and faces six years in prison if convicted, WTAQ reported.

Connectivity Problems Shut Down Newly Opened NHS Trust Surgery

In a bit of an oddball story, the UK press last week reported on a brand new £300 000 National Health Service (NHS) Trust doctors' surgery in Westbury-on-Severn, Gloucestershire that was shut down four hours after it opened on 14 January because of “serious computer connectivity problems.” The problem remains unsolved as of today. According to the BBC, an NHS Gloucestershire spokesperson said, “Both the practice and NHS Gloucestershire have been making every effort to resolve the situation as quickly as possible, and the PCT's IT team has been working with to establish the cause of the problems. We are now very close to resolving the connectivity issues and the [Primary Care Trust] will be meeting with the surgery next week to finalise the options.”

What wasn’t explained in any of the press stories is how such a “connectivity problem” was somehow overlooked before the surgery was opened.

Glitches for Sale

Art based on digital glitches has been around for a while. Now, you can buy a storage unit that looks like it is suffering from a really big glitch. Created by designer Ferruccio Laviani and sold by Italian furniture supplier Fratelli Boffi, the “good vibrations” storage unit is said to reflect “a balance between the past and the future, blending the harmony and magniloquence of the classical with the charm and allure of the contemporary” as well as to exemplify “the harmonious juxtaposition of the languages and cultures it is based upon.”

“Echoes of faraway places and Oriental elements are glimpsed in the ‘disorienting’ design of this storage unit, which seems to have been ‘deformed’ by a strong jolt or by swaying movements. Although it appears to depart from the aesthetics of the past, in fact it draws upon ancient knowledge in the use of carving and fine wood workmanship. The appeal of this extraordinary piece of furniture lies in its ability to overturn and question classical stylistic principles such as purity, cleanness and symmetry, while evoking a comforting feeling of deja-vù and a sort of primitiveness, matched by unquestionable craftsmanship.”

Okay, then… to each their own (although I must admit that I harbored some thoughts about this just being an elaborate publicity stunt).

If glitch furniture doesn’t appeal, you can always buy some limited edition US $350 Glitch Textile blankets. The blankets’ patterns, the company says, “are generated using images taken with short circuited cameras and other unorthodox digital techniques.”

These I find much more appealing.

Photo: Scott Eelis/Bloomberg/Getty Images

This Week in Cybercrime: Hackers More Dangerous than Al Qaeda?

U.S.: Hackers More Dangerous than Al Qaeda

It seems that cybercriminals and politically motivated cyberattackers have vaulted to the top of the list of security threats to the United States. On Tuesday, James R. Clapper, the nation’s director of national intelligence, told a Senate committee that hackers not affiliated (or at least not directly linked) with another nation-state could very well infiltrate the raft of poorly secured U.S. networks that control critical infrastructure such as power generation facilities. To impress upon the legislators the seriousness of the threat, he ranked cyberattacks ahead of the brand of terrorism practiced by Al Qaeda. Later in the week, Gen. Keith Alexander, the head of the Defense Department's new U.S. Cyber Command, told another collection of senators that his group is setting up its own hacker teams equipped to retaliate in the event of a major cyberattack on U.S. networks. Coincidence? Not likely, says a Tech News World article that considers the congressional testimony to be part of a shift in U.S. military strategy “pointing toward a renewed emphasis on the nation's digital defenses.” The coordinated meet and greets, say some observers, simply indicate a rejiggering of the executive branch’s funding wish list.

“The problem is not so much that cyberattacks are suddenly worse than they've been, but rather that [online attacks’] relative standing as a threat continues to rise as Al Qaeda is further dismantled,” Andrew Braunberg, a research director at information security research firm NSS Labs, told Tech News World.

U.S. Cyberattack Sentry Shut Down

Also just in time to make the U.S. government's point about the cyberattacks was the revelation this week that the NIST National Vulnerability Database (NVD), the government’s clearinghouse for information on malware and cyberattacks, was hacked and has been out of commission since last Friday. Security researchers apparently found malware on two NVD servers. But in an ironic twist, the site, which is set up to issue warnings when new viruses are propagating across the Internet, failed to sound the alarm about its own security problem.

According to a Business Insider article, Finnish security researcher Kim Halavakoski wondered why it has taken so long to get the site back up, so he e-mailed NIST to find out. He posted a response from a NIST PR rep to his Google+ account. The reply e-mail summed up the situation but offered few details regarding how the hackers got in. But the PR person was quick to assure the public that:

“Currently there is no evidence that NVD or any other NIST public pages contained or were used to deliver malware to users of these NIST Web sites. NIST continually works to maintain the integrity of its IT infrastructure and acts to limit the impact of malware on its systems. We regret the impact this has had on our services.”

Is Your Android App Spying on You?

On Wednesday, the Data Center of China Internet (DCCI) released a report that should make all Android phone users suspicious of what’s lurking inside their handsets. According to the report, roughly 35 percent of Android apps sold in China secretly steal user data even when the information is not in any way related to the app’s function. Although the 1400 apps the research institute looked at were mostly sold at Chinese app markets that Google doesn’t control, it still illustrates cybercrooks’ focus on Android as well as the operating system’s vulnerability (especially the myriad jury-rigged versions that are steadily taking over China’s mobile device market).

Apparently up-to-the-minute information on where people are is becoming a big quarry for cybercriminals. DCCI found that more than half of the apps tracked users’ locations. More than 20 percent rifled through users’ address books, while others read call records and text histories. But the most unnerving thing may be the capability of some of the apps DCCI looked at to secretly send texts and make calls right under the user’s nose.

Ovum analyst Shiv Putcha summed it up best when he noted in a blog post that, “Android is fragmenting beyond Google’s control, and Google’s Android strategy is rapidly coming undone in China with no immediate prospects for correction.”

Major Phishing Campaign Targets Australian Banking Customers

Early Thursday morning, hundreds of thousands of Australians woke up to malware-laced e-mails in their inboxes. The message, crafted to seem like it came from Westpac, Australia’s oldest bank, carried the subject line "Westpac Secure Email Notification" and the sender address "secure.mail@westpac.com.au". It instructed recipients to open an attachment that would unleash a virus. Security firm MailGuard, which identified the e-mails as fraudulent by 9:30 that morning, told the Sydney Morning Herald that by the middle of that afternoon, it had blocked more than 300 000 of the bogus alerts routed to its clients' inboxes. The first wave of messages went largely undetected, says MailGuard, because they originated from more than a thousand unique source IP addresses—many of them outside Australia.

Photo: Peter Dazeley/Getty Images

Risk Factor

IEEE Spectrum's risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.

Contributor
Willie D. Jones