Anonymous hackers has begun the cyber war on Singapore


Singapore cyber war

Singapore’s internet and phone regulator said it was investigating the hack

Anonymous hackers have declared war on Singapore with a pledge to hit at official infrastructure. This has left Singaporeans with a sense of foreboding about what is to come.

AN aura of uncertainty, even fear, has crept into this intelligent island where the computer widely affects every home, office and school.

Since an anonymous network of hackers threatened war on the government and its infrastructure, many official websites – including the Prime Minister’s Office – became inaccessible for a long period.

Others included the police force and internal security department and ministries like finance, home affairs and national development as well as Parliament and the Cabinet.

Many citizens are not sure whether there had been a cyber-attack or, as officially explained, the outage was due to a planned maintenance that hit “routing and hardware”.

“At no point were these websites the target of cyber-attacks,” insisted the authorities.

But an e-mail purportedly from “The Messiah”, an alleged hacker who is part of an international network, said several members had worked together to put them down.

The declaration of war with a pledge to hit at official infrastructure last Saturday has placed Singapo-reans with a sense of foreboding about what is to come.

Singapore – its economy and education system – has been heavily dependent on the Internet for two decades.

After four days of silence, a defiant Prime Minister vowed to track down the anonymous hackers and bring them to justice.

Lee Hsien Loong told reporters: “Our IT (information technology) network, the Internet, our communications have become an essential part of our business and our lives now.

“…When somebody threatens to do harm to it … we will spare no effort to try and track down the culprits and if we can find him, we will bring him to justice and he will be dealt with severely.”

The response is not surprising. Few people had really expected the authorities to give in.

A day later, the PM Office website was mockingly hacked by Anony-mous, saying “It’s great to be Singaporean today”.

Singapore may be entering a new era of IT threats where unidentified foreign predators – for good or bad reasons – can wreak chaos to their lives.

“These may be the good guys. What if they were followed by the really bad ones with destructive ideas?” asked a political analyst.

Since the harm of computer warfare is unimaginable, most people tend to oppose its use to achieve social and human rights, the declared aim of the anonymous group.

Even within the Internet community, which is traditionally anti-government, the reaction has been mixed.

“I love these guys for fighting on our behalf but am afraid they may actually inflict harm on Singapore,” a netizen said. “We will have to fight the government our way, through elections.”

Therein lies the government’s dilemma. It is facing a dangerous new threat with some younger Singaporeans less than supportive of it.

The anonymous group is not without problems, too. It can only win if it gets the Singapore public on its side.

This is unlikely to happen if its hacking activities are stepped up to a level where people’s welfare is harmed.

This could swing Singaporeans behind the government and turn against them – which is not what they want.

Observers notice that of all the closures, the Central Provident Fund website was unaffected.

The trouble began last Saturday when an anonymous hacker wearing a Guy Fawkes mask demanded the Singapore government, over YouTube, to withdraw its recent laws to licence online news.

Economists fear that a prolonged digital war may undermine business confidence and affect the economy, particularly e-commerce here and in the region.

Singaporeans are by nature not aggressive. Some see it as Hobson’s choice, between supporting the anonymous group’s “noble objective” and their own jobs and careers.

The public stayed largely away from the hackers’ call for a general protest on Nov 5. So did most bloggers, although some Facebook users had blacked out their profile pictures as a sign of support.

Since many Singaporeans are not tech-savvy, they tend to worry about the worst of a cyber-war – chaotic roads and airports, missing bank accounts, etc.

The government, however, has insisted the websites were closed for a pre-planned maintenance which was aggravated by “routing and hardware glitches”.

The episode showed the government was apparently unprepared to meet a major hacking threat.

It signifies that defence of Singapore now goes beyond the need for national service and a people’s army, missiles and jet-fighters.

Recently, the government announced a new S$130mil (RM332mil) budget to be spent in the next five years for research in countering cyber-warfare.

The hacking began last December, when the websites of the government People’s Association and 16 related bodies were hacked and closed.

A number of assaults followed, including the town council of PM Lee’s constituency.

The hackers putting pressure on the People’s Action Party (PAP) government will likely see some long-term impact.

The ever presence of a global group of high-powered hackers, and their threat, will likely make the policy-makers a lot more cautious in the future.

 By Seah Chiang Nee
> The views expressed are entirely the writer’s own.

Bersih_PR – UMNO_BN Cyberbattle to own the ‘truth’


Cyberbattle to own the ‘truth’

ANALYSIS  By BARADAN KUPPUSAMY

The ‘truth’ is still out there in cyberspace where the Bersih 2.0 rally is concerned.

THE Bersih 2.0 rally might be over but the battle to own its truth is still being fought over social media which had become a fierce battleground.

People from both sides of the political divide have weighed in with their experiences of July 9 on Face­­book, Twitter, blogs and so forth.

Some of the things uploaded now include a video clip of a man who had supposedly died, a hospital that was blasted with water cannons and a PKR activist who died of a heart problem during the rally but his death was blamed on the police.

Discerning true from false: Many accounts of the Bersih 2.0 rally, both true and untrue, have been posted online for Netizens to read and judge for themselves.

The person who faked his death on video has been traced and identified as an Al-Arqam member from Selangor. He is said to have run off when the police sent him to hospital.

Then a supposedly “Chinese man” was seen holding a loud hailer for the man (said to fake his death) as he prayed. Eventually, the “Chinese man” had been exposed as a Selangor PKR man who is a Malay. A blogger posted his picture for viewers to judge for themselves.

Opposition Leader Datuk Seri Anwar Ibrahim, meanwhile, was seen grimacing in hospital after the rally but his detractors scoffed at the images.

It’s a war zone out there in cyberspace. The Pakatan Rakyat appears to be winning at times; at other times, the Barisan Nasional.

Pakatan had always enjoyed a well-oiled social media network. It was first seen in action during Anwar’s black eye incident and later in the first sodomy trial and subsequently the purported arsenic poisoning.

One of the prominent websites at that time was the Free Anwar website managed by Raja Petra Kama­ruddin. It did Anwar a great favour and is also credited with helping to free him in 2004.

Pakatan was always a step ahead of Barisan in exploiting the developments in social media.

During the years since the Free Anwar website, Anwar himself led in the fight to exploit social media for its powerful ability to connect disparate people.

Today, social media is working overtime for Pakatan as it seeks to manufacture consent for his political themes.

Tech-savvy youths were checking iPads and smartphones during the days leading to the Bersih 2.0 rally and on the day itself.

They sent out tweets, posted comments and images and wrote about their experiences at the rally.

The truth can sometimes be lost in the maze that is social media but some images do not lie, such as the incident which took place at Tung Shin Hospital.

There is overwhelming evidence that tear gas and water cannon were fired into the hospital area after rally participants ran helter skelter into the hospital area. Images and video clips of the incident were recorded and uploaded online by many people.

It is well known that some ministers lack social media skills or have not found time to watch videos online but still make statements that later put them in a spot.

Facebook, Twitter and other social media platforms have thus become a contested arena with many pro-Barisan Nasional and pro-Pakatan Rakyat supporters arguing over their version of what the “truth” is.

For Anwar, the important thing is to keep up the political momentum achieved by Bersih 2.0. Their hope is that the next general election is held soon to capitalise on the political momentum created by the rally.

He needs the Bersih 2.0 rally to be talked about everywhere, besides calling on his friends in the Western media to write about it.

Prime Minister Datuk Seri Najib Tun Razak, on the other hand, has been spending time explaining things. While on a visit to London, he was interviewed on CNN where he took questions on the rally, on police brutality and on his economic transformation plans for the country.

Najib has to put a distance between himself and the effects of the rally on the people, especially the youths who are upwardly mobile.

The social media is Anwar’s strong suit. The same cannot be said about many government leaders.

But not everybody is connected and those who are connected deeply disagree on what really happened on July 9.

The silent majority is out there and when they speak, it will be a roar.

WikiLeaks and the Internet’s Long War


Some historians like to talk about the “Long War” of the 20th century, a conflict spanning both world wars and the wars in Korea and Vietnam. They stress that this Long War was a single struggle over what kind of political system would rule the world – democracy, communism or fascism – and that what a war is fought over is often more important than the specifics of individual armies and nations.

The Internet, too, is embroiled in a Long War.

The latest fighters on one side are Julian Assange, founder of WikiLeaks, and the media-dubbed “hacker army” that has risen in his defense in the past week, staging coordinated attacks on government and corporate institutions that have stood in his way. They come from a long tradition of Internet expansionists, who hold that the Web should remake the rest of the world in its own image. They believe that decentralized, transparent and radically open networks should be the organizing principle for all things in society, big and small.

On the other side are those who believe fundamentally that the world should remake the Web in its own image. This side believes that the Internet at its heart is simply a tool, something that should be shaped to serve the demands of existing institutions. Each side seeks to mold the technology and standards of the Web to suit its particular vision.

In this current conflict, the loose confederation of “hacktivists” who rallied in support of Assange in what they called Operation Payback, targeted MasterCard, PayPal, Visa and other companies with a denial-of-service attack, effectively preventing Web sites from operating. It’s a global effort of often surprising scope; Dutch police said they arrested a 16-year-old last week suspected to be involved.

Their cause, from which Assange has publicly distanced himself, follows the simple logic of independence. One self-declared spokesperson for the “Anonymous” group doing battle for WikiLeaks explained its philosophy to the Guardian newspaper. “We’re against corporations and government interfering on the Internet,” said the 22-year-old, identified only as Coldblood. “We believe it should be open and free for everyone.”

The battle between “Anonymous” and the establishment isn’t the first in the Long War between media-dubbed “hackers” and institutions, and considering the conflict’s progression is key to understanding where it will lead.

In the early 1980s, Richard Stallman, then an employee at MIT’s artificial-intelligence lab, was denied permission to access and edit computer code for the lab’s laser printer. Frustrated, he kicked off what he calls GNU, a massively collaborative project to create a free and sharable operating system. His efforts sparked a widespread movement challenging the restriction of access to software through patents. Supporters asserted that they had a right to control the code in their own computers.

The battle reached far beyond Stallman, eventually pitting corporations and patent-holders against this early generation of free-software advocates. The bulk of most software is still private, though open-source projects have gained popularity and even dominance in some arenas. Stallman continues to advocate for free software.

Another major milestone in the conflict arose in 1999, when Shawn Fanning launched Napster, allowing for seamless peer-to-peer sharing of content. The service ballooned, claiming more than 25 million users at its peak and resulting in mountains of copyrighted content flowing freely across the Web. The site was sued and shut down in 2001. However, the ensuing battle over copyright law drew a line between industry representatives, such as the Recording Industry Association of America, and the “hacker” advocates for the free flow of content.

Though Napster was forced to stop operating as a free service, the culture and innovation that it launched continued to grow. This led to the creation in 2001 of BitTorrent, a distributed and difficult-to-track peer-to-peer method of transferring large files.

Large-scale use of this technology emerged in 2003 in the form of the Pirate Bay, which indexes BitTorrent files en masse. The site’s founders and operators, Gottfrid Svartholm Warg, Carl Lundstrom, Fredrik Neij and Peter Sunde, would emerge as the Assanges of this battle, permitting a massive and continuous leak of copyrighted content in the face of waves of police raids and lawsuits – persisting even beyond their eventual conviction on infringement charges in 2009.

The WikiLeaks fight is in the tradition of these conflicts, just on a much vaster scale. As the Internet has become an integral part of our everyday lives, narrow and technical questions about who gets to run and edit computer code have morphed first into battles over copyrighted content, and now into fights at the highest levels of government secrecy and corporate power. Assange’s efforts to undermine the secrecy and control of established institutions – and the attacks his defenders have launched against MasterCard, a Swedish prosecutor and possibly Sarah Palin’s political action committee – are the latest and highest form of a war that has been waged for decades.

So what is the future of this Long War?

In his recent book “The Master Switch,” Columbia law professor Tim Wu makes the case that the Internet, on its most basic level, is just like any other communications medium. As such, we shouldn’t be surprised to see consolidation and government control over the Web. It’s true that most other media – movies, radio and television – have gone through phases of wild growth and experimentation, eventually settling into a pattern of consolidation and control.

Why should we expect any different of the Web? Is the arc of the Internet’s Long War predetermined?

One key factor is embedded in the history of the Web and the many iterations of the Long War itself: The Internet has cultivated a public vested in its freedom. Each round of conflict draws in additional supporters, from hackers to the growing numbers of open-government activists and everyday users who believe, more and more, that the radical openness of the Web should set the pattern for everything.

As the battlefield has become more vast – from laser printer code to transparency in global diplomacy – the Internet’s standing army continues to grow, and is spoiling for a fight.

By Tim Hwang

Tim Hwang is the founder of ROFLCon, a conference about Web culture and Internet celebrity, and a formerresearcher at Harvard’s Berkman Center for Internet and Society.

Newscribe : get free news in real time

Cyber guarding


By PRIYA KULASAGARAN ,educate@thestar.com.my

Hackers may have a reputation for having dubious intentions, but there are those employed to hack into IT infrastructures to ensure their security.

WITH high-profile cases such as that of Lin Mun Poo, the Malaysian who stole a massive quantity of financial account data by gaining access to the American Federal Reserve Bank, hackers have earned a rather notorious reputation.

However, Dell IT security manager Meling Mudin thinks that this mainstream definition of hacking is a narrow one.

Meling: A hacker is simply someone who likes to figure out how things work.

“It’s not just all about breaking into computer systems,” says Meling.

“For me, a hacker is simply someone who likes to figure out how things work, and proceeds to use that knowledge to invent creative new ways of using something.”

With almost 10 years of experience in the computer security field, the self-described ethical hacker professes a passion for tinkering around with technology.

“As an ethical hacker, I’m legally employed by a company to hack into their IT infrastructure to make sure that it is secure.

“The thrill I get from it is being able to understand how a particular software or system works. I don’t see the point of unlawfully cracking into someone else’s computer,” he says.

My job involves …

… penetration testing of Dell’s internal and external information systems, which includes its databases, network routers and e-commerce websites. Basically I make sure that the company’s global IT infrastructure is secure – by hacking into it to detect any vulnerabilities.

Privacy is a particularly serious issue as scammers could potentially collect users’ personal data without their knowledge in order to gain access to bank accounts and credit card numbers. — File photo

The methodology for doing this is fairly routine. First, I gather all the information I need about the system and how it works, and then I look for possible vulnerabilities and try to exploit them. After that, I offer support in order to remedy any flaws in the system.

Hacking into a system is not just a matter of blindly going in and messing it up, because if I bring down a critical component in a company’s IT framework, it could potentially crash the whole thing and cost the company thousands.

So, I have to plan an attack so as to exploit any weaknesses without compromising the entire system.

Another thing my department does is a quarterly review to make sure that Dell’s system and security policy comply with the industry standards.

My morning starts with …

… checking e-mails and going through my Google Reader to check out the latest updates in security threats and systems.

The rest of the day is usually just getting on with my work or updating clients on my progress.

As more people become increasingly reliant on technology for everyday tasks, there is a greater need for experts to ensure computer and network security. — AP file photo

Working at Dell, I only need to go into the office once a week to attend meetings, brief clients or have a one-on-one session with my supervisor.

The rest of the time, I’m free to do my work wherever I want, as long as deadlines are met. Typically, I would be working on multiple projects, and each one can take between three to 10 days to execute.

However, this varies from company to company. If you’re working at a consultancy firm for instance, you probably would have to go on-site to work at the client’s request.

To qualify, you need…

… a degree in information technology, computer science, or even engineering.

These days, there are numerous professional certifications to pursue if you wish to specialise in a certain area of IT security. You could for instance be a malware analyst or a forensic investigator.

But getting certified can be an expensive affair as these courses cost thousands. If you can’t afford it, it’s better to just build up experience in the field. The security industry in Malaysia is still quite small, so your peers will know how good you are as long as you take the initiative to prove yourself. As long as you are reputable, it doesn’t matter if you’re certified or not.

The best person for the job …

… is someone who is passionate and interested in the world of computing.

You also need a sense of curiosity about how things work, and have the eagerness to keep learning.

Since you need to translate a lot of technical jargon into plain language for your clients, having good communication skills is equally important.

I love my job because …

… of the continuous learning experience the field provides. In IT security, there are always new threats to circumvent and new methodologies to explore.

I enjoy getting into the mechanics of the latest technology and see how we can improve security systems.

What I dislike most…

… is nothing really! I honestly have no complaints, because it’s all part and parcel of my line of work.

Although a task like writing reports can get tedious at times, it is an important process in order to get the client to understand what it is that I have just fixed.

Prospects for the future…

… are very good. There will always be a demand for security professionals, especially as we get more and more reliant on technology for everyday tasks.

Privacy is a particularly serious issue as scammers could potentially collect your personal data without your knowledge in order to gain access to bank accounts, credit card numbers and so on.

A millionaire by 30?

It is possible, as long as you plan your career. If you have the right attitude and enough experience, I certainly think that you can make a fair amount of money.

Prospective U.S. Cyber Command Talks Terms of Digital Warfares


070830-N-9758L-053

For years, the military has worried about the vulnerability of the United States to cyberattack — and how and when to return fire in digital warfare. Now, the issue is taking center stage, as the Senate considers the nomination of an Army general to head the military’s first four-star Cyber Command.

In a hearing this morning, the Senate Armed Services Committee will review the nomination of Army Lt. Gen. Keith Alexander to be the head of the Pentagon’s new Cyber Command. It’s a chance to get a closer look at the kind of capabilities for waging network warfare the Pentagon thinks it needs. But it’s also likely to raise questions about just how far the military is willing to go in attacking foreign networks.

Last year, Secretary of Defense Robert Gates ordered the creation of U.S. Cyber Command to coordinate all of the military’s online activities. Alexander is in many ways a logical pick. He comes from the world of electronic intelligence: He is director of the National Security Agency (NSA), the super-secretive military and intelligence outfit at Fort Meade, Maryland, that is charged with code-cracking and foreign communications interception. And he will head an organization that, in large part, will be an important line of defense against cyberspying. (He’s a classmate of Gen. David Petraeus, West Point class of ‘74.)

But Alexander will also have to answer questions about how the United States might retaliate if it comes under online attack. Military planners are mindful of incidents like the massive cyberassaults against Georgia in 2008 and Estonia in 2007. In both cases, fingers pointed to Russia, but experts questioned whether the Russian government had a direct hand in events, and pointed instead to the role played by patriotic volunteers (or “cybermilitias”) who orchestrated the online assaults.

In both of those cases, cyberattacks threatened civilian networks and the financial system. It’s unclear if the military could retaliate in kind. In a series of written answers to questions from senators (.pdf), Alexander said, “It is difficult for me to conceive of an instance where it would be appropriate to attack a bank or a financial institution, unless perhaps it was being used solely to support enemy military operations.”

And the scope of responsibility for the new commander is also quite sweeping (Alexander will also be “dual-hatted,” staying on as head of the NSA). In written answers, Alexander said the organization’s new missions would include “integrating cyberspace operations and synchronizing warfighting effects across the global-security environment; providing support to civil authorities and international partners; directing global-information grid operations and defense; executing full-spectrum military cyberspace operations; serving as the focal point for deconfliction of DOD offensive cyberspace operations; providing improved shared situational awareness of cyberspace operations, including indications and warning.”

In other words, everything but the kitchen sink. We’ll be watching the hearing, and will hope to get more answers on Alexander’s vision for the new command

Follow

Get every new post delivered to your Inbox.

Join 1,240 other followers

%d bloggers like this: