Yet another major site has been hacked. This time, hackers used a Trojan horse sent to America Online employees to gain access to users` accounts. The Internet service provider has acknowledged that a few thousand user accounts had been accessed by outside parties and that the hackers would have been able to view customer information, including passwords and credit card data.
If the good guys can do bad things, then the bad ones can do good things. Or that`s the theory of the Mexican leftist Democratic Revolution Party.
Ian Melamed, MD, Ian Melamed Secure Computing
Virus writers continue to demonstrate admirable ingenuity, now if only they`d use it to better effect. Last week saw the arrival of the VBS_Stages.A virus, a variant of the VBS.LoveLetter worm that caused havoc. Stages arrived as an e-mail attachment, but to trick post-LoveLetter/Melissa users, it disguised itself using a Windows file type that hides the extension. Scrap files are created when a user drags a graphical object onto the desktop, and uses an .shs extension. But Windows is designed not to display this extension, so a file called LIFE_STAGES.TXT.SHS will actually appear as LIFE_STAGES.TXT, fooling the user into believing it is a harmless text file. The virus appears to have been written by Zulu, the same person believed to have written last year`s Bubbleboy virus. Just how many more Windows loopholes will virus writers exploit?
A British man has been arrested on suspicion of hacking into the United Arab Emirates` Internet system and could be charged with damaging the country`s economy. The 26-year-old man, who works as a senior computer engineer in Dubai, was arrested after being traced by Emirates Telecommunications network security staff. He is the first person in the Middle East to be arrested on suspicion of computer hacking. However, as is the case in so many other countries, Dubai has no specific laws concerning computer hacking. But Dubai takes the Internet seriously: the government has invested $200 million in setting up a free-trade zone for e-commerce and technology, to be called Dubai Internet City.
And here`s a survey to get you to hand over your credit card details with impunity. One third of online retailers fail to provide e-shoppers with adequate security and privacy protection, according to a study, "Top of the E-Class: Ranking and Best Practices of over 170 Web Sites", conducted by the Ryerson Polytechnic University`s Centre for the Study of Commercial Activity. And another third of e-tailers need to improve their security provisions to meet minimum standards. And it gets better: more than 80% of online retailers surveyed didn`t deliver satisfactory service - and one-third actually failed to pass muster. Amazingly, Amazon.com didn`t even make the study`s Top 40 e-tailer list - it ranked 60th.
If you thought South Africans were paranoid, consider this... Chinese officials have launched a fresh crackdown on cybercaf'es after a regulation banned the caf'es from operating within 200 metres of schools. Police in Xiamen, in China`s Fujian province, have shut down 45 Internet cafes in the city. Chinese kids were turning some of the establishments into PC games rooms, with parents and teachers dubbing the cybercaf'es "electronic heroin". The city`s Public Security Bureau insisted it must increase its role as an "Internet policeman". This is not the first time China has tried to control Internet caf'e use. In February, Shanghai officials raided and shut down 127 unlicensed cybercaf'es, claiming they "corrupt the minds of young people" and posed a threat to state secrets.
And if that wasn`t bad enough on the part of government officials, consider the example of bungling Nato scientists, who have created a virus "by mistake", causing military secrets to find their way onto the Internet. The virus, Anti-Smyser 1, was created by scientists at Nato`s peacekeeping force headquarters in Pristina, Kosovo. They were devising protection from virus attacks similar to those launched at Nato by the Serbs during the Kosovo conflict. But the experiment went wrong, and scientists unleashed the virus on themselves. Now the virus, which grabs documents from PCs and sends invisible attachments to e-mails, has resurfaced at the Czech Ministry of Defence. The virus caused the leak in April of a restricted nine-page document detailing the rules of engagement for Nato soldiers serving in Kosovo, which appeared on the computers of a London publishing company.
And if the good guys can do bad things, then the bad ones can do good things. Or that`s the theory of the Mexican leftist Democratic Revolution Party, which is trying to crack the password to a secret list of beneficiaries of a controversial $100 billion bank bailout that followed a currency crisis in 1994 and 1995. Four of the five passwords that protect the data are known and they are working on the last one. The party has hired hackers to help with the task.
And at last one government, at least, is taking the entire issue of cyber commerce seriously. The US is considering a raft of legislation to increase the rights of consumers who release personal details into cyberspace. Some 300 privacy bills are pending in the House and Senate, and the idea of privacy, registering in the polls as a top concern among Americans, is also making its way into the presidential debate. Democrats and Republicans are touting the same goal: letting the public know that private information, from CD purchases to medical records, will not be misused. Top of the list is the use of cookies, which can create a roadmap of users` online browsing habits.
(Source information for some of the items in this issue was gleaned from Yahoo.com, Reuters, Boston Globe, CNN, Computergram, Silicon.com, The Times of London and Hacker News Network.)
Share