This Week in Cybercrime: Middle East’s Upheaval Breeds Hacktivists

Plus: Sudoku prevents some IP theft, and parents targeted in back-to-school phishing scheme

Advertisement

Unrest in the streets of Egypt and Syria civil has led to thousands of deaths and a lack of personal security in many public spaces. But the civil wars raging there are turning out to be the backdrop for diminished security across online networks. McAfee, the cybersecurity firm best known for its online antivirus solution, told Reuters this week that more than half of the cybercrime activity now occurring in the Middle East can be characterized as “hacktivism” by politically motivated programmers looking to sabotage opposition institutions or groups.

“It’s difficult for people to protest in the street in the Middle East and so defacing websites and [carrying out] denial of service (DOS) attacks are a way to protest instead,” Christiaan Beek, director of incident response forensics for McAfee in the Europe, Middle East and Africa (EMEA) region, told Reuters.

The targets have overwhelmingly been entities linked to the region’s economic underpinnings, which in most cases means crude oil. Cyber attacks in the region are reportedly focused on Saudi Arabia, the world’s leading oil exporter; Qatar, the top supplier of liquefied natural gas; and Dubai, the region’s aviation, commercial and financial hub.

Gert-Jan Schenk, McAfee president for the EMEA region, told Reuters, “Ten years ago, it was all about trying to infect as many people as possible. Today we see more and more attacks being focused on very small groups of people. Sometimes malware is developed for a specific department in a specific company.”

Puzzles Solve Theft of Copyrighted Images

Theft of intellectual property—at least from the point of view of the item, idea, or technology’s owner—is not fun and games. But a leisure time pursuit, the numeral puzzles known as Sudoku, may be the key to watermarking images in a way that prevents people from using the images without authorization.  

Most copyright holders use digital watermarks to overlay a logo, graphic message, or serial number on images, or to embed information that allows their provenance to be traced. But people intent on flouting copyright rules simply crop the watermarks out and use the images anyway. That might soon be much harder thanks to a group of computer scientists at the the Universiti Tun Hussein Onn in Malaysia. They have published a paper in the International Journal of Grid and Utility Computing in which they report that their Sudoku-based watermarking technology “could resist attempts to crop the watermark in more than nine times out of ten cases.”

They explain that grid of numbers comprising multiple valid Sudoku solutions invisibly covers the entire image. “If the image pirate crops part of the image,” the researchers said in a press release, “then the chances are that enough of the watermark will remain elsewhere in the image that the complete watermark might be retrievable provided that the precise and correct Sudoku solution is given.”

The researchers say that an array containing 81 randomly placed 9-by-9 Sudoku grids defeated more than 94 percent of attempts at scraping the watermark. “They are currently implementing 256 16x16 Sudoku, which they suggest will be even stronger,” said the release.

Back-to-School Phishing Scheme

Cybercrooks are using the occasion of the new school year to trick parents into turning over information so their identities can be stolen. The caper, reports NBC10 news in Philadelphia, begins with an e-mail received by parents that asks them to pay 85 cents per child to help fight obesity in schools. The letter establishes legitimacy in parents’ minds by referring to the national company "EZSchool-Pay," which allows parents to pay certain school fees online. But the e-mail contains a link directing them to make the payment to "EZSchool-Online." Once there, the parent is asked for information including banking data or a credit card number and his or her Social Security number. The result, unfortunately, costs most victims considerably more than 85 cents.

Though the phishing site, which was located in China, has been shut down, Robert D'Ovidio, a cyber crime expert from Drexel University, warned parents and everyone else to pay close attention to the messages they get before clicking on links or trusting the veracity of come-ons. As for the back-to-school phishing scheme, he told NBC10 news that, "These sites are taken down quickly and then re-appear on a different server targeting different school districts and that's how they survive."

In Other Cybercrime News…

The Computing Technology Newsletter

Biweekly newsletter about advances in hardware, software and systems.

About the Risk Factor blog

IEEE Spectrum’s risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.