The sun may well be shining but, as far as IT security is concerned, the summer has got off to a pretty poor start. According to the Fortinet Threat Landscape report for June, which has just been published, the FortiGuard Labs covered 201 new vulnerabilities this period. I’ll repeat that, more than 200 NEW vulnerabilities in the space of a month and that’s nearly double the number from last month. Of these, some 71 (or 35% if your prefer) were being actively exploited by the bad guys before the month was out.

Some so-called security trend reports are little more than crystal ball gazing, to be honest, but I tend to take the FortiGuard Labs one more seriously as it is compiled using threat statistics and trends based on data collected from FortiGate network security appliances and intelligence systems out there in production worldwide.

This reveals that in the space of one month there have been four Flash and Excel vulnerabilities (all disclosed and patched in the same period), a hit-and-run attack for the Internet Explorer HTML Object Memory Corruption Vulnerability (CVE-2010-0249) which first surfaced in January 2010 and was used in the Aurora attacks, as well as some nefarious activity by the Sasfis botnet.

“We observed Sasfis loading a spambot component, which was heavily used to send out binary copies of itself in an aggressive seeding campaign” said Derek Manky, project manager, cyber security and threat research, Fortinet. “The Sasfis socially-engineered emails typically had two themes; one looked like a fake UPS Invoice attachment, and the other was disguised as a fees statement. Much like the Pushdo and Bredolab botnets, Sasfis is a loader - the spambot agent is just one of multiple components downloaded.”

Then there has been the malicious JavaScript code which, in terms of malware, was the only detection that topped those botnet binaries. Obfuscated JavaScript code identified as JS/Redir.BK showed a surge of activity on June 12th and 13th, redirecting unsuspecting users to various legitimate but compromised domains. These hosted an injected HTML page named z.htm and circulated through an HTML attachment in spam emails.

“There is no doubt that JavaScript is one of the most popular languages used today for attacks” Manky warns “it is used in a growing number of poisoned document attacks (PDF), particularly with heap-spray based techniques. It’s also used to launch exploits, and it is popular as a browser redirector to malicious sites, since the JavaScript code can be obfuscated and appear to be more complex than traditional IFrame based attacks from the past.”

I’m no football fan, I’ve made that clear enough this last few weeks. However, while I don’t like to see the national team humiliated in the way they were by Germany over the weekend, I can’t help but feel that the 4-1 drubbing might just be a blessing in disguise as far as Internet security is concerned.

It’s OK, I’ve not gone totally mad and entered into some strange realm of hugely tenuous links, I’m actually quite serious about this. The football World Cup is one of those relatively rare events that tick pretty much every box that your average spammer, scammer and Internet bad guy can look for in a current event to latch onto. It is not only big news, but it’s big news all over the globe. What’s more, it’s the kind of big news that stirs up national pride and gets huge swathes of the online population talking about it, arguing about it most importantly reading about it. The World Cup is, in other words, a malicious link poster wet dream.

As I mentioned recently, 25 percent of all global spam is currently related to the World Cup and much of that will contain malicious linkage. Although I have no actual figures to shore up my next argument, I’m going to stick with it based purely on the sheer number of emails that have been passed my way and the off the record conversations I’ve had with security researchers: Many of those malicious links and the messages that spread them relate to the damn vuvuzela.

There, I’ve said it. The hugely annoying plastic trumpet that nobody can play, unless it is meant to sound like a Wookie with toothache that is, has been the second most dominant news force of this World Cup after the fact that England cannot play of course. Which means that the malware authors love it, as the latest attack using Twitter to spread a message which simply reads “OMG! Vuvuzela banned!” along with some hashtags to help spread the word (#worldcup and #vuvuzelabanned) and, of course, assorted malicious links. According to Andrew Brandt at Webroot the tweets use different link shortening services to mask the destination of these links, a bogus image hosting site Image Sheep, and while you are there, in the background, your PC is herded into a botnet.
Brandt warns “there is a real image hosting service by the same name, but the real Image Sheep is registered elsewhere and hosted in an entirely different network than these fake Image Sheep clones”.

The multiple payloads at the fake site appear to include the receipt of stolen user data batches which are used to login to Twitter and Facebook amongst others, another “contains scripting that adds an entry with details about the victim’s computer into a MySQL database” and this reports on “the number of infected users, the rate at which people infect themselves, and the clicks to various parts of the page”.

As I say, the good news for those of us in the UK at any rate is that I suspect these kind of exploits will be a lot less effective now that England has been knocked out of the World Cup and general interest in the competition wanes. Strangely enough then, I think we should all be thanking the Germans for doing us a favour…

There are many reasons why I hate the World Cup: it’s football (and not the proper Rugby Union kind either) and it’s totally inescapable. The media seems to assume that everyone is interested in which bunch of seriously overpaid egos can kick a ball around the least worse, so TV schedules are rejigged around the matches and newspapers stuffed full of any vaguely football related news, including the wives, girlfriends and no doubt labradoodles as well.

But perhaps the main reason I hate the World Cup right now is the sheer amount of spam and malware it has created. According to the latest MessageLabs Intelligence Report from Symantec Hosted Services, a whopping 25 percent of all global spam is currently related to the World Cup.

OK, so it is nothing new for the spammers and scammers to latch on to current events in order to peddle their murky trade, but when analysis reveals that 25 percent of spam includes keywords related to football you know things have reached a new low.

If that is not bad enough, MessageLabs Intelligence also intercepted a run of some 45 targeted malware emails earlier this month, all aimed at Brazilian companies and designed to rely on social engineering tactics and World Cup excitement to compromise corporate systems. using a dual attack mode approach, both PDF attachments and malicious links were included in order to double the chance of success: think about it, if the AV scanner removes the infected PDF attachment but then forwards the apparently cleansed message complete with a malicious link the recipient is much more likely to consider it as trusted.

“Right now, spammers are reliant on the massive wave of excitement and expectation that typically surrounds an event like the FIFA World Cup” says MessageLabs Intelligence Senior Analyst, Paul Wood. “Riding this wave, spammers get the attention of their victims by offering products for sale or enticing them to click on a link. It is not uncommon for the event to appear in the subject line of an email but for the body of the same email to be completely unrelated”.

With England playing so badly that the team is not likely to progress much further you may have thought the fuss would die down and the spam problem go away equally quickly, however the tournament will continue with or without England and so will the opportunity to spam us. Anyway, Wimbledon tennis has started now as well, which is yet another excuse for the bad guys to grab us by the balls.

Game, set and match to the spammers it seems…

Excuse that headline, it’s almost as daft as the press release behind this blog entry which suggests that adults are forgetting how to write and spell due to using too many gadgets.

Under the title of ‘Gadget obsessed Britons need a lesson in writing’ the press release, ironically marketing a computer in a pen that digitally captures and syncs handwriting and audio together, it states that the results of a new survey is “sure to send shockwaves throughout English departments across the country”. Perhaps, but only if those departments are being run by five year olds as I doubt anyone older would be fooled by the old computers are evil argument no matter how it is wrapped up this time.

I’ve heard it all before, many times during the last 20 years or so I’ve spent as a professional journalist and author in fact: email is killing letter writing, social networking is killing relationships, computers are killing our ability to think. All of these arguments are equally absurd, no matter what the ’science’ being spouted to try and convince us otherwise.

Email has reinvented the art of letter writing, albeit in a new medium. Thing is that medium is so much better than the messenger pigeons, blokes on horseback and snail mail services that went before. Why is an email of less value simply because it is not written in ink on paper and does not take a week to arrive? This argument has always seemed arse about face to me. The arguments against social networking and computing in general fall apart just as quickly when exposed to even the flimsiest of serious examinations.

Which brings me nicely back to the Livescribe release and that claim that because only 16 percent of those asked write ‘by hand’ once a week or less we, as a nation, are forgetting how to write properly and spell for that matter. “80 percent of respondents agreed that the quality of Britons’ English skills had suffered due to the rise and popularity of gadgets such as smartphones over the last five years” it stated, matter of fact. The YouGov survey also revealed that 34 percent admitted to “inadvertently writing in ‘text speak’ in handwritten situations”.

“This survey points to a worrying precedent that suggests standards in writing and spelling in British adults are deteriorating in later life due to an over-reliance on technology programmes such as predictive texting. It implies that in the absence of these devices people are going to struggle to remember how to spell” said Dr Bernard Lamb, President of the Queen’s English Society.

Does it really? I don’t think so.

Let’s look at the 16 percent who write by hand only once a week at the most. What are they using when they send an email via their netbook or smartphone, their feet perhaps? I imagine they are using their fingers to be honest, so that’s a statistic you can safely flush into oblivion. I hardly ever use a pen these days, other than to sign my son’s homework book, does that signal my slow demise as a professional writer? Erm, nope.

OK, what about the 34 percent who, shock horror, used ‘text speak’ in a handwritten letter. Erm, so bleedin’ what? The thing about text speak, like it or loathe it, is that is has become a de facto part of the language now. So of course we are going to be finding ourselves writing it down out of habit. That is really not such a bad thing, upon reflection. If language did not change and evolve over time our correspondence would resemble some Shakespearian sonnet.

And as for the notion that without a gadget we will forget to spell, I’d like to see the scientific double blind trials operated over a period of time to back that statement up otherwise I’ll treat it as conjecture. A word I managed to spell without recourse to the spoil chicken on this here netbook oddly enough.

Finally, does it not strike anyone as strange that folk trying to sell you a gadget, albeit a pen shaped one, would resort to using a survey that suggests gadgets are creating a nation of retards in order so to do?

ROFL, LMAO etc…

Who could forget that historic HMRC security breach in November 2007 which saw the bank details of 25 million people go missing? The surprising answer to that question is around 20% of companies, it would seem.

At the time, the Conservative Party told the BBC that the breach was “a catastrophic failure” and then Chancellor Alistair Darling admitted it was an “extremely serious failure on the part of HMRC to protect sensitive personal data entrusted to it in breach of its own guidelines”.

In June 2008 the Poynter Review into the shameful affair identified major institutional deficiencies and recommended a number of security principles to prevent any reoccurrence. Now a survey by Cyber Ark suggests that companies are still choosing to ignore some of these core recommendations, including 19% which continue to use external couriers to transfer sensitive data files.

The Poynter Review clearly recommended that transfers of digital data involving physical media should be phased out completely, yet this new survey shows this method is on the up rather than being phased out. In 2008 when questioned on this, 4% of respondents used the postal system to transfer large files, however that figure has now jumped to 11%.

It’s not all bad news though, as the survey also revealed that 82% of companies do have some system in place for the transferring data, and the use of email for this has declined from 35% in 2008 to 16% now. Unfortunately, 67% have moved to FTP for sensitive data transfer and 28% using web based services.

Mark Fullbrook, UK Director for Cyber-Ark, says “With FTP, and even encrypted FTP sessions, the problem arises after data has moved while it sits on the FTP or SFTP server in plain text. The nature of the beast means the service is directly connected to the internet leaving it open to violation, and as there is no audit trail, no record of who accessed the files. More alarmingly is those organisations that are using a web based offering – they may just as well stand on a street corner and give away their information as these services just weren’t designed with sensitive corporate data in mind”.

Google should be man enough to admit it gets it wrong every now and then, rather than blame the most unlikely sounding of bugs for a hard of thinking moment.

There I was on Thursday morning, sitting in the DaniWeb offices in New York with the CEO, both of us recovering from an Internet Week after party the night before. I needed to look for something on Google and to the surprise of us both a hideous thing happened: instead of the slick and minimal Google page everyone is used to, a monstrosity appeared before us. The full-screen colour image was so distracting that it was actually hard to remember what I had gone to search for. Text on the page below the search box had all but vanished in the eye-straining confusion.

“Is this for real” asked Dani, the CEO sitting beside me “and can I switch it off?” My answer, after doing a quick bit of ironic Googling, was yes and no. Yes, it was for real and according to the newsfeeds at the time it was some kind of nod to those users who like to customise everything, and anyway, Bing has images. No, you could not switch it off but you could change the image. Great, I could have a picture of a tree or something else from the very limited set on offer, but I could not go back to what made Google great, a whole page of nothing much.

Neither of us could believe what we were seeing, and both agreed it was bad news. Then I went and started a 17 hour journey home via Dublin. By the time I reached Dublin airport and ‘borrowed’ the business lounge WiFi to check my email, a funny thing had happened: Google had gone back to normal. It was no longer Google, the Bing Edition.

So what, exactly, had happened here?

I could speculate with some humorous ideas, but even the most ridiculous of arguments would not be as unbelievable nor silly as the official version of events so I’ll stick with that. It seems that the Bingness of Google was ‘an experiment’ that was meant to last just for a day in order to gauge user reaction. Instead it was pulled 10 hours early due to ‘a bug’ that caused a link which explained all of this to vanish.

Yeah, right. One of the biggest names on the web let an experiment free on its home page, used by hundreds of millions of people every day, without checking that everything worked first. NOT. Let me repeat that, NOT. I’m sorry go ogle but I plain don’t believe you, unless you put Mr Hardofthinking in charge for the day and I doubt that happened either. Or there really is a bug whose only effect is to make an important link vanish from view. Actually, there could be such a thing and it could be called the ’someone forget to include the link’ bug I guess.

However, it seems much more likely that so many people had he same “WTF?” reaction to this image madness that both the DaniWeb CEO and myself experienced, and enough of them complained to Google to make the company realise the folly of it’s decision and pull the thing before it managed to do the impossible and kill the web’s biggest property stone dead withy a single well aimed if rather daft bullet.

According to the latest research to hit my inbox, the security needs of the SME are becoming more sophisticated. I have to admit, I am not altogether convinced.

RSA, the Security Division of EMC, released the results of a survey conducted by the SANS Institute which was a sampling of data from the SANS Sixth Annual Log Management Survey Report and focused on small and mid-sized organisations with less than two thousand employees. It suggests that almost 80 percent of SMEs rank detection and prevention highest in criticality, and that the mid-sized enterprise best understands the importance of collecting and analysing log data. The fact that survey respondents reported logs are most useful when used for forensic analysis and correlation, then detection and prevention, both coming in higher than 90 percent, suggests mid-sized organisations are becoming more sophisticated in their security needs, RSA insists.

“This data suggests that organisations want and need the efficiency of a log management solution to move beyond compliance to security detection, reaction and prevention as well as to augment effective IT and network operations” says Jerry Shenk, Senior Analyst at SANS.

“This data suggests some people have too much time on their hands” says Davey Winder, opinionated security expert at IT Pro, continuing “I mean, who really wants to read a report based upon a log management survey?”

Seriously, security does not need to be sophisticated at any level, it seems to me. It just needs to be practical. And that means being appropriate to the business using it, and appropriate to the risks faced by that business. Common sense goes a long way even at enterprise level and in the rush to buy in ever more sophisticated security solutions that, I am afraid to say, often gets left behind. Yes, checking logs for potential security problems is a good thing, but when you start talking about the efficiency of log management solutions I start switching off…

With just a few weeks to go before the football world cup kicks off in South Africa, my inbox is already starting to fill up with related spam and press releases. I’m a Rugby Union man through and through, a very happy one as it just so happens that I’m a Leicester Tigers fan, and have very little time for anything to do with soccer. Unless it’s the type you spell SOCA, that is. When the Serious Organised Crime Agency gets serious about organised criminal gangs participating in British cybercrime to the tune of £3.5 billion a year, anyone with an interest in online security has to sit up and take notice.

SOCA has warned that the bad guys are endlessly inventive, even going as far as impersonating SOCA officials themselves in order to perpetrate fraud recovery scams where victims are counselled with help to recover lost money, but in actual fact just end up getting fleeced all over again.

If you honestly think it cannot happen to you, or someone you know, then think again. When the crime business is so big as to be worth £3.5 billion a year, it’s big enough to touch anyone who is not constantly vigilant - and that includes everyone from the individual consumer to the biggest enterprise.

VeriSign, for example, conducted research recently which concluded that as many as 11 percent of the online UK population has been a victim of online ID fraud over the past year. Each of those victims losing, on average, some £352. “Soca’s research further highlights how criminals are continuing to widen the techniques they use to target their victims, with online fraud now a major industry” says Matthew Bruun, a security expert at VeriSign.

Which is why SOCA made today, June 1st, a global day of action and awareness to fight back against the scammers. Apparently. Unfortunately, there doesn’t seem to have been much evidence of this getting any great media coverage which kind of suggests that most people find cybercrime about as interesting as I find football. And that, dear reader, is very worrying indeed.

I may not be paranoid, but that doesn’t mean they aren’t trying to steal my identity right out of my wallet. I’m not sure who ‘they’ are, to be fair, but I sure don’t want them looking at the data on my biometric passport or wireless contact credit card. No sir-ee Bob. That’s why I’m buying a wallet that comes complete with multiple layers of Radio Frequency shielding material woven into the fine Italian leather body.

It’s not even April 1st is it, and here I am writing about buying a firewalled wallet can you believe it? And it’s true, these things do exist: a Californian company called Kena Kai is knocking out a range of wallets with a built-in firewall under the DataSafe brand. They cost about the same as any other leather wallet, a lot less if you compare them to designer brands, and don’t look like they have been designed by an acne-ridden nerd called Nigel either.

Do I really think that anyone is going to try and steal my identity by scanning me as I walk past (within around 6 metres, the effective range of most ’skimming’ devices) on the off chance I have some new-fangled RFID-powered credit card or am carrying my biometric passport around Tesco for some reason I cannot currently think of? No, as it happens, I don’t. Not least because I don’t have a biometric passport or a RFID credit card.

But you know what, given the choice between a boring old wallet or a super-nerdified firewalled wallet the latter will win every time as far as I am concerned. Just think about the bragging rights at parties…

A new index of average global broadband speeds makes for pretty depressing reading if you happen to be Ed Vaizey, the newly appointed Minister for Broadband in the coalition government. Hotfoot from listening to Her Madge The Queen bigging up support for the broadband nation at the state opening of Parliament earlier in the week, Vaizey will have been brought back down to Earth with a very real world bump as the Ookla Netindex places the UK at, erm, well, 33rd in the global broadband download speed charts.

To put that into some perspective, Europe as a whole can muster an average broadband speed of 10.03 Mbps according to the index but good old Britain manages a meagre 7.69 Mbps. So while we may expect to find ourselves behind the Gods of Broadband, South Korea on a massive average speed of 34.19 Mbps, ending up way behind the likes of Latvia (24.30 Mbps), The Aland Islands (18.80 Mbps), Romania (18.56 Mbps), Bulgaria (17.55 Mbps), Lithuania (16.70 Mbps), Andorra (16.24 Mbps) and even flipping Belgium (11.24 Mbps) for crying out loud.

Even if Ed Vaizey tried to shift the focus by looking at the upload speed charts instead, he would have found no reasons to be cheerful. In that list the UK sits at number 66 in the world with a truly poor 0.91 Mbps. Heck, even the Republic of Moldova can manage to find an average upload broadband speed of 7.17 Mbps although once again South Korea makes me wince with that 18.45 Mbps chart topping number.

Geoff Bennett, Director of Strategy at Infinera UK, reckons that “the roll out of superfast broadband in the UK continues to lag behind some of our key economic competitors in Europe, and the rest of the world” as these Nsetindex figures would tend to confirm. “We would urge Ed Vaizey to look at investment not just in the last mile but also in the core of the network” Bennett continues, concluding “There are new technologies that have been widely deployed elsewhere that increase the capacity of the network while reducing capital and operating costs and a leap forward to wide deployment of these technologies would be beneficial for education, health care, business, and consumers.” Technologies such as Photonic integration, for example, which has been deployed to good effect by operators in the UK such as Carphone Warehouse…

I’m sad to say that I’m way below average here in my country pad, with an average download speed of 3.5 Mbps and uploads maxing out at 0.75 Mbps.

How fast is your broadband? Now is the time to let us know if size really does matter…