Fatal System Error
Without wanting to turn my blog into a book club (without the wine, I may add), I want to recommend a very interesting and readable book. ‘Fatal System Error’ by Joseph Menn offers a fascinating insight into how cybercrime has evolved, its consequences and the issues that law enforcement faces in counteracting it.
The factual narrative is enlivened by focusing on the story of two individuals who have battled against the rise in cybercrime. Barrett Lyon is a computer whizz who unwittingly became embroiled in protecting legitimate and illegitimate businesses against attacks. Andrew Crocker is a British detective who, while working for the National Hi-Tech Crime Unit in the UK, went to Russia to track down and prosecute hackers and to find out who they ultimately worked for.
The book offers great insights into how cybercrime works, who is involved and why it is being used. It is truly shocking and thought-provoking, in equal measure.
Symantec guide to scary internet threats
The countdown to the World Cup is well underway. It is clearly going to be the event of the summer, even if Scotland did not qualify and are not going to be there. As such, the cybercriminals are turning their attention to it. Whilst none of them will be an official FIFA partner, that will not deter them from leveraging and piggy-backing off the back of this truly global event. We thought it both timely and relevant to produce another one of our Symantec guides to scary internet stuff. The subject this time is ‘internet threats’. We hope you enjoy it and act on the message. You can find the link to the video here.
UK Council for Child Internet Safety
When talking about Norton to people, I outline to them that our job, or mission, or whatever you want to call it, has changed significantly. Most people understand us as being the company that helps protect your PC and stops all those ‘viruses and stuff’ messing with it. I explain that we still do that, but really the focus is now on how we can also protect your identity that resides on the PC. However, it is actually even bigger than that. For those of you who are parents, we have to protect everyone in your family who has access to and uses the internet.
Symantec sits on two of the working groups within the Council for Child Internet Safety and was delighted to attend the summit where Gordon Brown MP, Ed Balls MP and child psychologist Professor Tanya Byron officially launched the new internet safety campaign, Click Clever, Click Safe, and the accompanying internet safety code “Zip It, Block It, Flag It”.
We really like the campaign and are looking forward to the launch in February next year – it’s particularly good for us to see, as we’ve been involved with the UK Council since before it was even formed, even consulting with Professor Byron as she was researching her report for the government.
It’s part of our remit as an internet security company to keep families and children safe online so we’ll be working with the council to help them promote the code when the campaign launches next year.
Better late than never
The UK Government yesterday announced its cyber security strategy, as part of a revamped, all-encompassing national security initiative. For many people it may have prompted the question, ‘I thought we would have had this already?’ Well, we did not, but it is all in hand now. The new cyber security minister (yes, we do have one), Lord West, commented that this does not mean the UK has been left exposed to cyber threats from other countries up to this point. He did go out of his way to reassure that the UK government has already faced down cyber attacks from foreign states such as Russia and China.
Two new bodies will be established in the coming months as part of the strategy. A dedicated Office of Cyber Security in the Cabinet Office will co-ordinate policy across government and look at the legal and ethical issues as well as the relations with other countries. The second body will be a new Cyber Security Operations Centre (CSOC) based at GCHQ. This will bring people together from across government and from outside to get a better handle on cyber security issues and work out how to better protect the country, providing advice and information about the risks.
So there we have it. We have shiny new groups to go out and battle the national cyber threats - we wish them well!
How much information is too much?
I came across this very sad and terrible story. A murderer used a social networking site to gain information on his victim and in doing so help him commit this awful crime. David Heiss, 21, from Dauborn, Germany, developed an obsession with his victim’s girlfriend, and used information the couple had posted online to plan his attack in September last year. Matthew Pyke, 20, died of 86 stab wounds in the flat he shared with his girlfriend, Joanna Witton.
I do not want to be sensationalist, but the danger is there for people to see. I do not want to be accused of scaremongering; rather, I want to continue to counsel reserve and caution about just how much information we disclose on social networking sites. Most of the stakeholders in internet security (security vendors, ISPs, governments, businesses, NGOs) constantly put the issues of financial loss (phishing) and inconvenience (spam) at the forefront of consumers’ minds. However, we all need to remember that security is exactly the same in the online and offline worlds. Yes, financial security is important, but there are also (fortunately less common) physical risks, and keeping your personal identity and information safe and secure is very important for your wellbeing. So, a little forethought and caution can and will keep you safe online, just as much as it would in the real world.
The story of the take down of ‘Dark Market’
The question of just how capable law enforcement is in the face of cyber-criminals comes up regularly. Unfortunately, tracking down the true perpetrators is a complex and time-consuming process. Many times it requires detailed technical knowledge and understanding, which then needs to be coupled with potentially cross-jurisdictional cooperation and coordination. I told you that it was difficult!
At RSA this week, the FBI provided an insight into the ‘Dark Market’ bust. The man who led the operation outlined just how they went about it. What is also interesting is the insight into the structure and operation of ‘Dark Market’. A link to the story is here.
In the end, 60 people were arrested and an estimated $70M of fraud averted. It is good to see that law enforcement can be effective and cyber-criminals can be brought to account. However, the victory is short-lived given the dynamic and growing nature of the underground economy and the cyber-criminals who frequent it.
Trojan.Brisv – an interesting backing track
My colleagues at Symantec Security Response have seen a significant uptick this week in Trojan.Brisv.A, a threat that infects multimedia files. This trojan searches for multimedia files with the extensions .asf, .mp2, .mp3, .wma and .wmv, and injects additional functionality into the files it finds. When one of these infected files is played, Windows Media Player will access a malicious link on the Internet, which may in turn result in more malware being downloaded. Symantec Security Response has seen 400,000 AV pings over a period of a few days, which translates to an estimated rate of 200,000 to 1.6 million people impacted. Symantec Security Response believes the threat has reached its peak.
We have updated our virus definitions to spot and neutralise this trojan. In addition, we have created a removal tool to repair the infected multimedia files, which is available to customers online here. We have tracked more than 135,000 downloads of the fix tool to date.
All of which is a useful reminder that you need to be careful when downloading multimedia files. People are gradually, though it is slow progress, becoming vigilant when downloading files and application executables from web sites. However, what Trojan.Brisv.A brings to the forefront is that even the ‘content’ can become compromised.
Play your part in a safe and secure inauguration
The inauguration of Barack Obama is capturing the attention of the world. What I have found interesting, in the run-up to the event itself, is the sheer size and scope of the preparations, particularly the security arrangements that are being made. Preparations are being made to cover all eventualities. The roads in Washington have been closed, and there will be tens of thousands of police and army personnel deployed, with snipers providing cover from the rooftops along the parade route. That is not to mention the helicopters and even fighter jets that will patrol the skies and the patrol boats monitoring the waterways. We all hope for a safe and peaceful event.
Now, I would also encourage you to take your own security precautions in the run-up to and through what is turning out to be a world event. The Symantec Global Intelligence is picking up a surge of inauguration-themed spam. We have written about this here.
The tactic is the well-worn one of sensationalist email headings with an embedded link that takes you to a web site that ostensibly looks like an official Obama campaign web site. However, it is far from that. The web site will automatically try to attack your web browser to surreptitiously install malicious software onto your machine. Although your machine may be fully patched and therefore deflect this type of attack, the site hopes that your curiosity gets the better of you, and further hyperlinks on the site point to other malicious content. We have detected the piece of malicious software being used here under the name W32.waledac. This particular piece of malware is capable of harvesting your machine for personal information, turning it into a spam zombie and also leaving a ‘back-door’, so that the hackers can come and go from your machine and use it at will.
Blast off with Norton!
Do you want to take a trip into space? Well, to celebrate the launch of the Norton 2009 products, we are offering the chance to do just that! In an unprecedented sensory experience, rocket engines boost you beyond the normal limits of flight to regions above 62 miles (100 kilometers), where space begins. After the engines shut down, you will experience up to five minutes of continuous weightlessness, all the while gazing at the vast blackness of space and the blue horizon of the Earth below. Cool! This link takes you to a video of what to expect.
Follow this link to register for the competition. All the very best!
Beware of the ‘antivirus’
As we approach this time of year, many security vendors refresh their products. We are in the process of finishing the beta of our Norton Antivirus 2009 and Norton Internet Security 2009 products and getting ready to release them to market. Many of our competitors have launched, or are launching, their new products. So, in turn, this starts to get people thinking about ‘new’ security products.
The last few days have seen reports of ‘malvertizements’ that ultimately lead to fraudulent products. Newsweek.com is one of several high-profile websites suspected of running rogue banner ads that try to trick visitors into installing fraudulent anti-malware programmes. This opens up an interesting dimension. People implicitly expect and trust that web site owners have checked into the people who have placed ads on their sites. The web site owners do, but incidents like this point out that they are not infallible and need to do more.
The trick of the bad guys pretending to be an anti-malware utility or antivirus product has been around for some time. However, in recent weeks we have seen a number of examples of this resurface. Symantec’s security response blog has written about this.
What we have observed is a combination of attack elements being used in concert. First comes a spam email with an Olympic-led fake news story. The user is encouraged to click on a link, and the link in turn asks the user to get ‘get_flash_update.exe’ or ‘get_flash_codec.exe’. These files then host a number of variants, one of which is a fake antivirus product: ‘Antivirus XP 2008’.
A cursory glance would lead you to believe that it looks legitimate: it is far from that. Once it is installed, ‘Antivirus XP 2008’ basically gives false reports on the security of a system, claiming it has multiple threats running. The software interrupts the user constantly by popup messages, balloon reminders and such, asking the user to register to remediate the threats. The victim’s desktop background is changed to show a virus warning message. The goal of this threat is to get the victim to pay for what they think is a fully-functional legitimate security product, which of course it isn’t.
Now, you will think this blog to be pretty self serving – guilty as charged! With many new (legitimate) antivirus products making their way onto the market, you need to be mindful. If you see something about some new product from someone you have not heard of, then do your homework: ensure they really are who they say they are.

