This Week in Cybercrime: Filipino Anti-Cybercrime Law Put On Hold Over Civil Rights Concerns

Security or Censorship?

Despite universal agreement that cybercrime is becoming a scourge to Internet users, observers looked on with great apprehension when the Philippines introduced a new anti-cybercrime law last month that makes online libel a criminal offense and blocks access to websites the government says are in violation of the statute. After criticism from journalists and civil rights groups who predicted that the law would be used by politicians to prevent dissent, the Philippine Supreme Court on 9 October issued a temporary restraining order stopping the government from enforcing the law for at least 120 days. The order also gave the government 10 days to respond to several petitions seeking to have the law declared unconstitutional. In a petition filed by the National Union of Journalists of the Philippines, the group said the law would "set back decades of struggle against the darkness of 'constitutional dictatorship' and replace it with 'cyber authoritarianism.'"

Internet Users Not Particularly Careful

According to a survey by the National Cyber Security Alliance (NCSA) and Internet security firm McAfee, 17 percent of U.S. residents say they have been victims of some form of crime committed via the Internet. And while nearly half of respondents said that they regularly access the Internet via smartphones, 64 percent admit that they have never installed security software (links to pdfs) or apps on their devices in order to make them more secure from viruses or other malware. Half of those surveyed said they are allowed to use a personal tablet, smartphone, or laptop to carry out their daily job functions. The report also notes that nearly half of respondents said that their companies don’t have an established Internet security policy or formal training. The survey results don’t include any information on how much of an overlap there is between the half of respondents that are allowed to use their personal devices and the half that haven’t been coached on how to keep their (and by extension their companies’) data out of the hands of cyberthieves.  Here’s hoping that it’s minuscule. Michael Kaiser, executive director of the NCSA, told the Sacramento Bee that, “This data supports an ever-increasing need for online users to be vigilant in their actions each day.  Working together, we can provide Americans with the tools and information they need to practice safe online behaviors during October [which is National Cyber Security Awareness Month] and throughout the year.”

Beware Browsers Blabbing

According to the UK Register, Mozilla alerted Web surfers on 10 October that the latest version of its Firefox Web browser, released a day earlier, contained a vulnerability that allowed a cybercriminal hosting a malicious website to view a user's browsing history. In a security warning posted by Mozilla security chief Michael Coates, he assured Firefox users that there had been no reports of anyone exploiting the flaw in Firefox 16 and that a patch was being made ready as quickly as possible. An updated version that sews up the security hole was released on Oct 11.

Cyberthieves Taking Out “College Loans”

Last week, we reported on this blog that dozens of universities had been the victims of cyber break-ins by a group that posted the personal data of thousands of students, faculty, and administrators online. Now, a Security Week article reports that a group of hackers have breached a server at Northwest Florida State College that contains nearly 300 000 records. They include information about nearly 77 000 current and former students, 3200 school employees, 200 000 Florida students identified as Bright Future scholars. What’s a cyberattack at one school compared with a multipronged one affecting more than 50, you ask? Security Week reports that, according to the school’s president, the information gleaned from this breach has already been used to commit at least 50 acts of identity theft. The school told Security Week that among the exploits pulled off using the data was a scheme to borrow money from two Canadian payday lenders using school employees’ information. The loans were set up so that the proceeds went to the thieves but would be repaid from the employees’ bank accounts.

Related Stories

Risk Factor

IEEE Spectrum's risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.

Contributor
Willie D. Jones
 

Newsletter Sign Up

Sign up for the ComputerWise newsletter and get biweekly news and analysis on software, systems, and IT delivered directly to your inbox.

Advertisement
Advertisement