WannaCry ransomeware attacks, how to prevent it?


Source: Intel.malwaretech.com

WannaCry has spread to Malaysia; two companies here were stricken by the ransomware virus that has infected a massive number of computers across the globe since Friday. Hackers use the virus to hold a victim’s data to ransom – pay up or lose all your information – and the victims overseas include hospital networks, businesses and government agencies.

PETALING JAYA: All governmental agencies have been told of the WannaCry ransomware outbreak and have armoured themselves against attacks.

“All government agencies at federal and state level have been alerted and ensured that their computers have been patched accordingly,” said CyberSecurity CEO Datuk Dr Amirudin Abdul Wahab.

Dr Amirudin said the WannaCry ransomware exploited vulnerabilities of the Windows operating system, especially on Windows XP which has stopped receiving updates since 2014.

“The malware exploits a flaw in the network protocol called the Server Message Block. Unlike former malware cases which is localised to a single computer, WannaCry exploits the operating system’s vulnerabilities and spreads it across PCs in the network.

“This is why it spread at such speed and range. Realising this, Microsoft came out with the MS17010 patch to stop this particular malware from working and spreading,” he said in a phone interview.

The patch was first rolled out in March this year but was not available to Windows XP, Windows 9 and Windows 2003 until May 12, after WannaCry’s outbreak.

According to the Microsoft Security Response Centre, Windows 10 users were not targeted by the attack.

To protect themselves against any malware attack, computer users were urged to back up their files, avoid clicking on suspicious links online or download attachments in e-mail messages sent by strangers.

“Apart from preventive measures, if you think you have been infected by the malware, please report to us at cyber999@cybersecurity.my or call us at 1300-882999,” he said.

In response to a question, Dr Amirudin said it was not an obligation under the law for anyone to report any security breach.

“It is not mandatory in Malaysia, unlike in some other countries,” he lamented, pointing out that when people made a report to CyberSecurity, their confidentiality would be paramount.

“We can also provide assistance,” Dr Amirudin added.

As of 6pm yesterday, CyberSecurity has yet to receive any report on infected computers in Malaysia.

“It does not mean that infection will not happen. At present, however, the situation is manageable and under control and we are always on the alert,” he said.

When contacted, the Malaysian Communications and Multimedia Commission and CyberSecurity Malaysia also said they had not received any report of a WannaCry infection in Malaysia.

Ransomware: how hackers take your data hostage

Screens of NHS computers with images demanding payment of US$300 (RM1,302) in Bitcoin (Bitcoin, digital currencies rally, caution prevails; virtual currency in property), saying: “Ooops, your files have been encrypted!”

It demands payment in three days or the price is doubled, and if none is received in seven days the files will be deleted, according to the screen message.

“Ransomware becomes particularly nasty when it infects institutions like hospitals, where it can put people’s lives in danger,” said Kroustek, the Avast analyst.

A hacking group called Shadow Brokers released the malware in April claiming to have discovered the flaw from the NSA, Kaspersky said.

Although Microsoft released a security patch for the flaw earlier this year, many systems have yet to be updated, researchers said.

“Unlike most other attacks, this malware is spreading primarily by direct infection from machine to machine on local networks, rather than purely by email,” said Lance Cottrell, chief scientist at the US technology group Ntrepid.

Some said the attacks highlighted the need for agencies like the NSA to disclose security flaws so they can be patched.

G7 finance ministers meeting in Italy discussed the attacks and were expected to commit to stepping up international cooperation against a growing threat to their economies. — AFP

Massive Ransomware Attack Hits 99 Countries

PHILADELPHIA (CNN)–Tens of thousands of ransomware attacks are targeting organizations around the world on Friday.

Cybersecurity firm Avast said it has tracked more than 75,000 attacks in 99 countries. It said the majority of the attacks targeted Russia, Ukraine and Taiwan.

What is it?

The ransomware locks down all the files on an infected computer and asks the computer’s administrator to pay in order to regain control of them.

The ransomware, called “WannaCry,” is spread by taking advantage of a Windows vulnerability that Microsoft released a security patch for in March. But computers and networks that haven’t updated their systems are at risk. The exploit was leaked last month as part of a trove of NSA spy tools.

“Affected machines have six hours to pay up and every few hours the ransom goes up,” said Kurt Baumgartner, the principal security researcher at security firm Kaspersky Lab. “Most folks that have paid up appear to have paid the initial $300 in the first few hours.”

Sixteen National Health Service (NHS) organizations in the UK have been hit, and some of those hospitals have canceled outpatient appointments and told people to avoid emergency departments if possible. Spanish telecom company Telefónica was also hit with the ransomware.

Spanish authorities confirmed the ransomware is spreading through the vulnerability, called “EternalBlue,” and advised people to patch.

“It is going to spread far and wide within the internal systems of organizations — this is turning into the biggest cybersecurity incident I’ve ever seen,” UK-based security architect Kevin Beaumont said.

Russia’s Interior Ministry released a statement acknowledging a ransomware attack on its computers, adding that less than 1% of computers were affected, and that the virus is now “localized.” The statement said antivirus systems are working to destroy it.

Megafon, a Russian telecommunications company, was also hit by the attack. Spokesman Petr Lidov told CNN that it affected call centers but not the company’s networks. He said the situation is now under control.

“We encourage all Americans to update your operating systems and implement vigorous cybersecurity practices at home, work, and school,” the U.S. Department of Homeland Security said in a statement released late Friday. “We are actively sharing information related to this event and stand ready to lend technical support and assistance as needed to our partners, both in the United States and internationally.”

Kaspersky Lab says although the WannaCry ransomware can infect computers even without the vulnerability, EternalBlue is “the most significant factor” in the global outbreak.

How to prevent it

Beaumont examined a sample of the ransomware used to target NHS and confirmed it was the same used to target Telefónica. He said companies can apply the patch released in March to all systems to prevent WannaCry infections. Although it won’t do any good for machines that have already been hit.

He said it’s likely the ransomware will spread to U.S. firms too. The ransomware is automatically scanning for computers it can infect whenever it loads itself onto a new machine. It can infect other computers on the same wireless network.

“It has a ‘hunter’ module, which seeks out PCs on internal networks,” Beaumont said. “So, for example, if your laptop is infected and you went to a coffee shop, it would spread to PCs at the coffee shop. From there, to other companies.”

According to Matthew Hickey, founder of the security firm Hacker House, Friday’s attack is not surprising, and it shows many organizations do not apply updates in a timely fashion. When CNNTech first reported the Microsoft vulnerabilities leaked in April, Hickey said they were the “most damaging” he’d seen in several years, and warned that businesses would be most at risk.

Consumers who have up-to-date software are protected from this ransomware. Here’s how to turn automatic updates on.

It’s not the first time hackers have used the leaked NSA tools to infect computers. Soon after the leak, hackers infected thousands of vulnerable machines with a backdoor called DOUBLEPULSAR.

Source: CNN’s Clare Sebastian contributed to this report.

WannaCry strikes two Malaysian companies

PETALING JAYA: Two local companies have been hit by the infamous WannaCry ransomware, three days after the malicious software was released, infecting 200,000 computers in 150 countries so far.

According to IT security services company LGMS, the first case in Malaysia involved a director of one of its clients who came across the dreaded ransomware on his personal laptop on Saturday morning.

LGMS founder C.F. Fong said the data in the laptop had to be erased as the person did not intend to pay the US$300 (RM1,300) ransom.

The same ransomware appeared in the machine of an automotive shop on Sunday morning.

“The company didn’t have any backup and might pay (the ransom),” said Fong.

Besides disconnecting compu­ters from the network, there was not much else they could do, he noted.

As of 3pm yesterday, a website tracking incidences of WannaCry infections started showing blips in the Klang Valley area.

The website displays a blip whenever an infected computer pings its tracking servers, thus allowing it to map out a geographical distribution of the WannaCry infection.

Fong added that any machine infected by WannaCry should not be connected to a public or cor­­porate network.

“Once you plug into any network, it will start spreading,” he pointed out.

Fong said none of LGMS’ clients, which include major banks in Malaysia, had reported any pro­blems so far, adding that he was quite confident that those who re­gularly updated their computers would not face any problems with WannaCry.

He said ransomware was not new but WannaCry had caused worldwide alarm because of how fast it was spreading.

“We have seen worse and devastating ransomware attacks before but WannaCry’s infection rate is one of the fastest ever as it exploits the vulnerability that exists in Windows,” Fong said.

Security companies all over the world are reporting an unprecedented wave of WannaCry ransomware infections since Friday when more than 150 countries were hit by it.

The ransomware encrypts the data on an infected computer, preventing users from accessing it.

According to a report in The Guardian, the ransomware uses a vulnerability first revealed as part of a leaked stash of NSA-related documents, which infects machines running Windows and encrypts their contents before demanding a ransom to decrypt these files.

The perpetrators promise to release the data once a ransom of US$300 (RM1,300) is paid.

In just two days, computer networks of Britain’s National Health Service, Russia’s interior ministry and international shipper FedEx, among others, were affected.

The website tracking incidences of WannaCry infections was created by a 22-year-old British re­sear­cher known only as MalwareTech, who was credited with being an “accidental hero” after discovering a “kill switch” that halted WannaCry’s outbreak.

Cyber security expert: WannaCry ransomware has … – The Star Online

Malaysia also hit by WannaCry ransomware – Nation

Singapore not affected by cyber attacks

How to Remove Ransomware. – Ransomware Removal Instruction

Police raid CYL office, seize items

The tyranny of Pokemon Go, more addictive than other games


It’s repetitive. The ‘game play’ is puerile. But it does cast a spell on players.

Malaysia, a plague has just arrived in your land and, if the rest of the world is any indication, it will infect every corner of your society. I’m talking of course about the infectious tyranny that is Pokemon Go. Really.

This is a game with very little in actual game play. You throw Pokeballs at Pokemon that spawn seemingly all over your neighbourhood, on your friends, and even in your own home. You capture them to fight other Pokemon, then you wash, rinse, repeat.

The battle aspect comes down to swiping right and tapping your screen a bunch of times. It’s not exactly the most nuanced or skilled or even fun game play in the world but yet, Pokemon Go has taken over the world.

I didn’t quite understand it until it arrived in Hong Kong, but suddenly on the street people were face down in their phones even more so than usual. And whenever I snuck a look there was a little critter bouncing around on their screens that they were trying to capture by tossing Pokeballs at it.

Silly. Ridiculous. So of course, yours truly had to try it.

And of course, yours truly got addicted just like everyone else.

Really, the game should be called Pokecrack or something a little more indicative of its addictive nature. Walking the dog at night, I seek out the local gyms – Pokemon Go locations where you can train or battle other Pokemon, but only at certain locations in the city – see, that’s why it’s got the “Go” in its name, this isn’t a game you can play from home – and at all these locations, even at midnight, I find people milling around in their pyjamas outside, with their faces stuck to their phones. Me included.

I went to a bar to meet a friend the other day and of course we started hunting Pokemon while there, which quite a few others were already doing. On the way out to the pay the bill the barkeep invited us back on Saturday because they would be “buying lures all day to attract more Pokemon”. Yes, Pokemon is now a way to attract people to your business.

Pikachu, I choose you.

But why is this game so addictive? I just said the game play was infantile. So simple that it boggles the mind. And it is. But everything in Pokemon Go centres on the rewards of new and exotic Pokemon and levelling up.

Basically it’s a game that hinges on the Random Reward Schedule.

The Random Reward Schedule is a tenet of behavioural psychology. It’s a form of reinforcement. Reinforcement, of course, “strengthens an organism’s future behaviour whenever that behaviour is preceded by a specific antecedent stimulus”. That’s a mouthful.

Basically, what it’s saying is that you will continue to do a thing if you get positive feedback.

This all goes back to the research of B.F. Skinner, who noted that the variable reward schedule or the random reward schedule resulted in the most compulsive and addictive behaviour in mice. Basically, mice were trained to press a lever that would dispense treats.

The mice that were rewarded with a treat every time were less inclined to keep pressing the lever, than the mice that were rewarded with a large treat at random intervals. The idea being that when a mouse thinks there could be a nice reward just around the corner, it will keep performing the same action.

The same goes for humans.

In Pokemon Go you’re constantly checking for Pokemon appearing in your vicinity. Most times they are common ones like Pidgeys or Caterpies, but every once in a while, you find something exciting like a Vaporean or an Electabuzz. And yes, I know how nerdy this sounds right now. Those rare and exotic Pokemon are just like large treats to a mouse.

The random reward schedule is linked to the Hook Model which is a technique employed by social media and mobile game designers and, of course the designers of Pokemon Go. Its mission – the name gives it away – is to hook you.

It goes beyond simple reinforcement of behaviour; it’s all about creating habits so that we’ll continue doing something the designers want us to do. In this case, it’s to continue searching for Pokemon and hopefully spend a few of our hard-earned dollars for gear that will help us do just that.

Pokemon Go also employs another aspect of the model, and that is our need to hunt. In the evolutionary sense, we are hunters, hunting for food in the wild. Pokemon Go employs a tracking system to find those rare and exotic Pokemon so that we are literally hunting down little virtual critters. All. Day. Long.

But we’re not hunting for sustenance, now we’re just hunting for the sake of hunting. Our genetic urges are misfiring all over Pokemon Go.

And knowing that I’m being manipulated on the most fundamental level by this game, I’m still checking my phone periodically to see if any rare Pokemon have showed up. And it’s not even fun.

So what to do, now that Pokemon Go has come for … to us? It really depends. It does make you walk more, and it can make your daily commutes a little more enjoyable (depending on your definition of enjoyable) – but if you don’t like having your face stuck in your phone, then you’re better off treating Pokemon Go like drugs, and not even trying it.

By Jason Godfrey –

Catch Jason Godfrey on The LINK on Life Inspired HD (Astro Ch 728).

More addictive than other games

CATCHING virtual critters on Pokémon GO has a tendency to be more addictive than other online games.

Experts say the risk of being addicted to the highly-popular game is increased because it is a feast for the senses.

This is especially since it is an augmented reality game, which requires players to have a live direct or indirect view of their physical surroundings.

“The risk of addiction is increased as there are multiple sensory bombardments that sustain playing Pokémon GO.

“Such sensory bombardments are continuous, leading to pleasure and satisfaction highs once players level up in the game and are motivated to continue,” explains Universiti Sains Malaysia criminologist and psychologist Dr Geshina Ayu Mat Saat.

She says this can be dangerous as it makes individuals dependent on the game for pleasure or happiness and some people may confuse the two.

“It could also lead to despair when the game is concluded, when they experience problems, or when a level objective could not be met.

“These are similar responses that an addict experiences. Normal functioning is disrupted, the least being in terms of sleeping and eating patterns,” Dr Geshina says.

Other aspects that could be affected are family interaction, work-life balance, carrying out responsibilities and daily tasks.

Dr Geshina finds that there are pros and cons to playing the game.

“On one hand, players will get more physical exercise, apply problem-solving skills, and have some social interaction when they meet other players in real life,” she says.

But on the other hand, too much focus on their phones may narrow their perception, leading to selective attention on the immediate environment to fulfil the needs of the game rather than a genuine appreciation of the outdoors.

“Social interaction may be limited to brusque questions of where the characters are, rather than polite or pleasant queries to initiate meaningful conversation,” says Dr Geshina.

She also notes that there is also a possibility that players, especially children, will be unable to separate between reality and the game as it blurs the lines and makes players a living game avatar.

Malaysian Mental Health Association deputy president and consultant psychiatrist Datuk Dr Andrew Mohanraj Chandrasekaran says people are generally eager to embrace new technology and will surely warm up to augmented reality games like Pokémon GO.

Describing the game as “taking it one step further”, he says one positive point of the game is that it can motivate people to get out more and connect with others with common interests.

“This is particularly relevant to people with introverted personalities and those suffering from depression.”

Dr Andrew, however, points out that the game can be a double-edged sword and could also work negatively in making people more engrossed in their phones.

“Ultimately, technology must be embraced for the right purpose – be it for recreational, therapeutic or competitive purposes.

“Technology can also be harmful, destroy interpersonal relationship, affect social cohesion, blur the lines between appropriate and inappropriate behaviour and cause confusion between reality and the virtual world.

“Knowing how to embrace technology in a balanced manner is the answer,” he says.

Sources:  The Star/Asia News Network

Bitcoin is not money, judges rules in victory for backers


 

Ruling means no specific licence needed to buy or to sell crypto-currency

Bitcoin, a Florida judge says, is not real money. Ironically, that could provide a boost to use of the crypto-currency which has remained in the shadows of the financial system.

The July 22 ruling by Miami-Dade Circuit Judge Teresa Pooler means that no specific license is needed to buy and sell bitcoins.

The judge dismissed a case against Michel Espinoza, who had faced money laundering and other criminal charges for attempting to sell $1,500 worth of bitcoins to an undercover agent who told the defendant he was going to use the virtual money to buy stolen credit card numbers.

Espinoza’s lawyer Rene Palomino said the judge acknowledged that it was not illegal to sell one’s property and ruled that this did not constitute running an unauthorized financial service.

“He was selling his own personal bitcoins,” Palomino said. “This decision clears the way for you to do that in the state of the Florida without a money transmitting license.”

In her ruling, Pooler said, “this court is unwilling to punish a man for selling his property to another, when his actions fall under a statute that is so vaguely written that even legal professionals have difficulty finding a singular meaning.”

She added that “this court is not an expert in economics,” but that bitcoin “has a long way to go before it is the equivalent of money.”

Bitcoin, whose origins remain a mystery, is a virtual currency that is created from computer code and is not backed by any government. Advocates say this makes it an efficient alternative to traditional currencies because it is not subject to the whims of a state that may devalue its money to cut its debt, for example.

Bitcoins can be exchanged for goods and services, provided another party is willing to accept them, but until now they been used mostly for shady transactions or to buy illegal goods and services on the “dark” web.

Bitcoin was launched in 2009 as a bit of software written under the Japanese-sounding name Satoshi Nakamoto. This year Australian programmer Craig Wright claimed to be the author but failed to convince the broader bitcoin community.

In some areas of the United States bitcoin is accepted in stores, restaurants and online transactions, but it is illegal in some countries, notably France and China.

It is gaining ground in countries with high inflation such as Argentina and Venezuela.

But bitcoin values can be volatile. Over the past week its value slumped 20 percent in a day, then recouped most losses, after news that a Hong Kong bitcoin exchange had been hacked with some $65 million missing.

Impact across US, world

Arthur Long, a lawyer specializing in the sector with the New York firm Gibson Dunn, said the July court ruling is a small victory for the virtual currency but that it’s not clear if the interpretation will be the same in other US states or at the federal level.

“It may have an effect as some states are trying to use existing money transmitting statutes to regulate certain transactions in bitcoin,” Long told AFP.

Charles Evans, professor of finance at Barry University, said the ruling “absolutely is going to provide some guidance in other courts” and could potentially be used as a precedent in other countries to avoid the stigma associated with bitcoin use.

Bitcoins can store value and hedge against inflation, without being considered a monetary unit, according to Evans, who testified as an expert witness in the Florida trial.

“It can be used as an exchange,” he said, and may be considered a commodity which can be used for bartering like fish or tobacco, for example.

Evans noted that “those who are not yet in the bitcoin community will be put on notice: as long as they organize their business in a particular way they can avoid the law.”

But he added that “people who are engaged in illegal activities will continue to do what they are going to do because they are criminals.- AFP”

Related posts:

 Bitcoin falls after exchange is hacked, US$72 mil stolen from Bitfinex exchange in HK 

Aug 25, 2015 Tokyo (AFP) – The arrest of MtGox boss Mark Karpeles has begun to shed light
on the defunct Bitcoin exchange after hundreds of millions of …

Jun 27, 2016 Despite the increase in the price of bitcoin amid the UK’s recent EU referendum,
a new research note from Needham & Company asserts it …
Mar 30, 2014 It seemed ludicrous that the man credited with inventing Bitcoin – the world’s most
wildly successful digital currency, with transactions of nearly …

 Apr 14, 2014 The Internet has spawned a new form of currency that’s purely digital called Bitcoin. Picture this — a

Bitcoin falls after exchange is hacked, US$72 mil stolen from Bitfinex exchange in HK


Securing the bitcoin trading platform has proved elusive.

The price of bitcoin fell sharply today exacerbating an already ongoing decline as global market participants reacted to news that one of the largest digital currency exchanges had been hacked. Bitcoin Drops Nearly 20% as Exchange Hack Amplifies Price Decline

The price of the virtual currency bitcoin fell sharply after Hong Kong-based digital-currency exchange Bitfinex said it was hacked, resulting in the possible theft of about $65 million worth of bitcoin.

News of the Bitfinex hack hit the price of bitcoin hard in heavy trading on Tuesday. It fell to $540 by late in the day, down about 12% from its level near $613 early Tuesday, according to CoinDesk. At one point, it traded as low as $480, down about 22%, though it recovered to about $548 by late morning in New York on Wednesday.

The hack marks one of the largest thefts in bitcoin’s short history and follows a separate alleged theft of an estimated $60 million worth of ethereum, a rival virtual currency, in June. In 2014, investor confidence in bitcoin also was dented by another larger cybersecurity breach, at the Japanese exchange Mt. Gox.

Hacking and thefts of investor property stand as two of the biggest issues that may prevent the fast-growing digital currency from gaining more widespread use. Bitcoin trades on an open ledger known as the blockchain that has excited technologists for its ability to cut out expensive layers of bureaucracy in various areas of commerce.

But securing the bitcoin trading platform has proved elusive. Tuesday, Bitfinex acknowledged the latest theft in a statement on its website and said it was halting all trading on Bitfinex as well as the deposits and withdrawals of digital tokens.

“The theft is being reported to—and we are co-operating with—law enforcement,” the statement said. “We are deeply concerned about this issue and we are committing every resource to try to resolve it.”

Zane Tackett, Bitfinex’s director of community and product development, confirmed that 119,756 bitcoins were stolen and said the company knows “exactly how relevant systems were compromised.” At Tuesday’s value, the amount of bitcoin stolen was worth about $65 million. Mr. Tackett said the company is working with law enforcement and analytics companies to try to track down the stolen coins and is working to get its platform back up so customers can check their accounts.

It wasn’t clear what percentage of Bitfinex’s overall assets were stolen or whether or not the company had adequate insurance to cover the theft.

“We are investigating the breach to determine what happened, but we know that some of our users have had their bitcoins stolen,” the statement added. “We are undertaking a review to determine which users have been affected by the breach. While we conduct this initial investigation and secure our environment, bitfinex.com will be taken down and the maintenance page will be left up.”

In 2014, the Tokyo-based exchange Mt. Gox collapsed after a yearslong series of attacks resulted in the theft of about 850,000 bitcoins, at the time worth about $450 million. About 200,000 were later recovered. In June, Mt. Gox Chief Executive Mark Karpales was released from a Japanese prison on bail, after serving 10 months. The company’s liquidation is ongoing.

Bitcoin rallied earlier this year but had been selling off lately after an anticipated event known as a “halving” in early July lowered the subsidy paid to bitcoin miners supporting the network.

In 2015, Bitfinex switched to a system protected by what is known as “multiple signature” security, a feature that requires multiple “keys” to access bitcoin in a virtual wallet, and keeps the customers’ money in separate accounts, rather than pooling them into one larger account.

The exchange was fined $75,000 by the U.S. Commodity Futures Trading Commission in June for offering illegal off-exchange commodity transactions financed in bitcoin and other cryptocurrencies and for failing to register as a futures commission merchant. The CFTC said at the time that Bitfinex cooperated with its investigation and voluntarily made changes to its business practices to comply with regulations.

– The Wall Street Journal BY PAUL VIGNA AND GREGOR STUART HUNTER

Bitcoin worth US$72 mil stolen from Bitfinex exchange in Hong Kong


A Bitcoin (virtual currency) paper wallet with QR codes and a coin are seen in an illustration picture taken at La Maison du Bitcoin in Paris, France, May 27, 2015.
Reuters/Benoit Tessier/File Photo

HONG KONG (Aug 3): Nearly 120,000 units of digital currency bitcoin worth about US$72 million was stolen from the exchange platform Bitfinex in Hong Kong, rattling the global bitcoin community in the second-biggest security breach ever of such an exchange.

Bitfinex is the world’s largest dollar-based exchange for bitcoin, and is known in the digital currency community for having deep liquidity in the US dollar/bitcoin currency pair.

Zane Tackett, Director of Community & Product Development for Bitfinex, told Reuters on Wednesday that 119,756 bitcoin had been stolen from users’ accounts and that the exchange had not yet decided how to address customer losses.

“The bitcoin was stolen from users’ segregated wallets,” he said.

The company said it had reported the theft to law enforcement and was cooperating with top blockchain analytic companies to track the stolen coins.

Last year, Bitfinex announced a tie-up with Palo Alto-based BitGo, which uses multiple-signature security to store user deposits online, allowing for faster withdrawals.

“Our investigation has found no evidence of a breach to any BitGo servers,” BitGo said in a Tweet.

“With users’ funds secured using multi-signature technology in partnership with BitGo, a lot more is at stake for the backbone of the bitcoin industry, with its stalwarts and prided tech under fire,” said Charles Hayter, chief executive and founder of digital currency website CryptoCompare.

The security breach comes two months after Bitfinex was ordered to pay a US$75,000 fine by the US Commodity and Futures Trading Commission in part for offering illegal off-exchange financed commodity transactions in bitcoin and other digital currencies.

BITCOIN SLUMP

Tuesday’s breach triggered a slump in bitcoin prices and was reminiscent of events that led to the 2014 collapse of Tokyo-based exchange Mt Gox, which said it had lost about US$500 million worth of customers’ Bitcoins in a hacking attack.

Bitcoin plunged just over 23% on Tuesday after the news broke. On Wednesday it was up 1% at US$545.20 on the BitStamp platform.

Tackett added that the breach did not “expose any weaknesses in the security of a blockchain”, the technology that generates and processes bitcoin, a web-based “cryptocurrency” that can move across the globe anonymously without the need for a central authority.

A bitcoin expert said the scandal highlighted the risks of companies using cryptography for their ledgers.

“The more you rely on its benefits, the greater the potential for damage when keys are stolen. We still have some way to go to create highly secure but convenient systems,” said Singapore-based Antony Lewis.

The volume of bitcoin stolen amounts to about 0.75% of all bitcoin in circulation.

It is not yet clear whether the theft was an inside job or whether hackers were able to gain access to the system externally. On an online forum, Bitfinex’s Tackett said he was “nearly 100% certain” it was no one in the company.

Bitfinex suspended trading on Tuesday after it discovered the breach. It said on its website that it was investigating and cooperating with the authorities.

The security breach is the latest scandal to hit Hong Kong’s bitcoin market after MyCoin became embroiled in a scam last year that media estimated could have duped investors of up to US$387 million. The bitcoin trading company closed after the scandal.

The president of the Hong Kong Bitcoin Association said the only way to protect information is to disperse it in so many small pieces that the reward for hacking is too small.

“For an attacker, the cost-benefit strategy is quite easy: How much is in the pot and how likely is it that I’m getting the pot?” said Leonhard Weese.

The attack on Bitfinex was reminiscent of a similar breach at Mt. Gox, a
Tokyo-based bitcoin exchange forced to file for bankruptcy in early
2014 after hackers stole an estimated $650 million worth of customer
bitcoins.  – Reuters

Related posts:

Bitcoin CEO arrest leaves long trail of unanswered …

 Aug 25, 2015 Tokyo (AFP) – The arrest of MtGox boss Mark Karpeles has begun to shed light
on the defunct Bitcoin exchange after hundreds of millions of …

 Jun 27, 2016 Despite the increase in the price of bitcoin amid the UK’s recent EU referendum,
a new research note from Needham & Company asserts it …
Mar 30, 2014 It seemed ludicrous that the man credited with inventing Bitcoin – the world’s most
wildly successful digital currency, with transactions of nearly …

Bitcoin: cryptocurrency rising, money talks, mining boom …

 Apr 14, 2014 The Internet has spawned a new form of currency that’s purely digital called
Bitcoin. Picture this — a high speed car chase with a slew of …

Take precautions on public wifi, hackers are watching you, travellers !


Video:  //players.brightcove.net/4405352761001/default_default/index.html?videoId=5066118149001

http://www.thestar.com.my/news/nation/2016/08/01/take-precautions-on-public-wifi-cybersecurity-firm-hackers-can-gather-sensitive-data-via-unsecure-co/

KUALA LUMPUR: If you are surfing the Internet on a public Wi-Fi, always assume someone is watching you out there.

Better yet, do not connect to any public Wi-Fi at all, said LE Global Services (LGMS) executive director Fong Choong Fook, whose private cybersecurity firm employs hackers to test the network security of the country’s major banks.

“I would never use a public Wi-Fi,” he said.

“Even an IT person may not be able to tell if the access point he is connected to is safe or if the activities are being watched.

“There may be signs like your Internet is slowing down but hackers can make it so elegant that you won’t even notice,” he said in an interview.

Malaysia’s national cybersecurity agency CyberSecurity Malaysia (CSM) said hackers could position themselves between a person’s device and the Wi-Fi router and are able to record sensitive data that the surfer is keying into his device.

Hackers can also “create” their own Wi-Fi and trick people into thinking they are connected to a credible public access point like the one from a restaurant, airport or office – when in actual fact these devices are connected to the criminals’ hardware.

Thus, they would be able to remotely watch everything a person is sending out on the Wi-Fi like passwords, e-mails or credit card information.

As frightening as these attacks may sound, Fong said this had been going as early as the 1990s.

Demonstrating to The Star how a hacker could steal information, LGMS set up an “evil twin” Wi-Fi using a laptop and named it after a famous franchise restaurant just below its office in Puchong, Selangor.

Fong connected two devices to this Wi-Fi and proceeded to log into social media, e-mail and Government websites.

Within seconds of logging in, the hacker’s computer began recording the activities in both devices in the experiment – recording every e-mail address, username and password that was keyed in.

Though the demonstration was only meant for the devices in the controlled environment of the LGMS office, three other users got connected to the dummy Wi-Fi, thinking they were linked to the franchise restaurant’s Internet, during the experiment.

“Hackers can target one specific person or they can target everyone in a cafe to get their devices to send all their data through their dummy Wi-Fi

“When they have your information, they can steal your identity. They can pose as you on Facebook, or send out e-mails to your contacts under your account,” he said.

Fong advised users to avoid connecting to public Wi-Fi or to only limit their browsing to Internet searches if they must connect to one.

The firm also suggested users to subscribe to VPN (virtual private network) technologies to secure their traffic.

VPN encrypts data on devices, making it hard for hackers to spy on the user’s online activities. Most VPNs are available on a subscription basis, much like an anti-virus programme.

So far this year, CSM has recorded eight instances where private Wi-Fi networks were hacked and 1,462 cases of online intrusions have been reported, which is nearly double the number of incidents compared to the same period in 2015.

It advised users to keep their Internet browsers up to date and to disable the feature which automatically saves password in the cache –as it makes it easier for criminals to steal.

by Nicholas Cheng The Star/Asia News Network

82% of travellers would use public Wi-Fi

 

KUALA LUMPUR: You are on a holiday in a foreign country. Naturally, you want to upload pictures to your Facebook or send messages to your friends back home or trawl the Internet for places to visit.

Chances are there is no Internet data connection where you are and you would search for whatever free Wi-Fi there is at the airport, hotel or cafe to stay connected.

An estimated 82% of travellers would choose to connect with unsecured public Wi-Fi, a practice which could up risks of cyberattacks, said Kasper­sky Lab.

The cybersecurity company surveyed 11,850 people worldwide and found that people on holiday would be carefree when it comes to their personal data protection.

The study found that 42% of travellers said they were less likely to care about the credibility of the Wi-Fi when they were on holiday compared to on business travels.

A third (33%) admitted to visiting websites of sensitive nature using foreign Wi-Fi, while almost half of the respondents conducted online banking (48%), shopped online (46%) and made private calls (35%) when they were abroad.

In a separate study, it found that at least 22% of travellers who conducted transactions online had experienced money loss while 8% had had a credit card compromised while in a foreign country.

Most of the time, victims do not even know they are being watched.

CSM advised users to keep an eye on their devices’ firewall alerts. Any trigger may indicate that a third party may be trying to access their devices illegally.

A report by MasterCard estimates that 10.9 million Malaysians travelled for overseas holidays in 2014, with the numbers expecting to hit 15.2 million by 2020.

The Kaspersky study also found that people were more likely to throw caution to the wind while on holiday with respondents saying they were 18% more likely to let strangers handle their smartphones to take pictures, 28% more likely to leave their devices unsupervised, 18% more likely to contact strangers online and 6% more likely to engage in “sexting”.

Related posts:

Jun 14, 2012 Hackers may cause Internet users to become victims of Evidence Act … According to Cybersecurity Malaysia, an average of eight personal accounts … special devices in the market that enabled anyone to “sniff” WiFi networks.

Dec 21, 2014 2014 has seen a tsunami of epic hacks and identity thefts, including the … said the prominent data  leaks of 2014 would keep cyber security in …

BDS, the Beidou Navigation Satellite System from China


https://www.youtube.com/embed/4cjicmbU138

https://www.youtube.com/embed/Ra3X5ukQmNw

China launches 23rd BeiDou satellite into space – CCTV News – CCTV.com English

http://t.cn/R5SsGFc


China eyes Silk Road countries for its Beidou satellite system

18 satellites to launch for BDS by 2018

China on Thursday vowed national efforts to complete its Beidou satellite navigation system to serve global users by 2020, with priority going to countries involved in the new Silk Road initiative.

The current goal of developing China’s BeiDou Navigation Satellite System (BDS) is to “provide basic services to countries along the land and maritime Silk Roads and in neighboring regions by 2018, and to complete the constellation deployment of 35 satellites by 2020 to provide services to global users,” said a white paper released Thursday by the State Council Information Office.

A “globalized” BDS would have “positive and practical significance” in terms of connectivity around the globe, especially the interconnection between China and Southeast Asian countries under the Silk Road plan, known as the Belt and Road initiative, Huang Jun, a professor at the School of Aeronautic Science and Engineering at Beihang University, told the Global Times on Thursday.

In line with the Belt and Road initiative, China will jointly build satellite navigation augmentation systems with relevant nations and promote international applications of navigation technologies, the white paper states.

To fulfill the 2018 goal, the country plans to launch some 18 satellites for the BDS by 2018, Ran Chengqi, BDS spokesperson, told a press conference on Thursday.

“In priority Chinese cities such as Beijing and Urumqi in Northwest China’s Xinjiang Uyghur Autonomous Region, as well as low latitude countries like Thailand, the BDS is capable of offering a positioning accuracy of better than five meters,” said Ran, who is also director of China’s Satellite Navigation System Management Office.

Since 2015, the country has sent up seven more satellites into space in support of the BDS, including five navigation satellites and two backup satellites, Ran added, citing Sunday’s launch of the BDS’ 23rd satellite – a backup satellite – as an example.

In 2020, the BDS might offer different positioning accuracy choices and could provide centimeter-level accuracy under certain requirements, said Lu Weijun, a BDS expert at Beijing University of Posts and Telecommunications.

Unique features

Despite being a late starter compared with the US-developed GPS, China’s BDS has unique features, Huang said, citing the BDS short-message communication service as an example.

“The short-message communication service is mainly useful in places with insufficient ground and mobile communication capabilities, such as deserts, seas and disaster areas where communication facilities have been destroyed,” Lu told the Global Times.

More than 40,000 fishing vessels along China’s coastline have been equipped with the BDS application terminals, Ran said, adding that they also provided better communication for islands near the coastline.

The BDS short-message communication service is mainly handled by five Geostationary Orbit (GEO) satellites, Lu said. Located above China, the five GEO satellites mainly serve a coverage area of Chinese territories and the Asia-Pacific region” and “could be used to locally enhance the signal in wartime, when other satellites might have been closed.”

An independently designed global navigation and positioning network would also contribute to national security, Huang said.

Industrial chain

China is developing chips, modules and other basic products based on the BDS and other compatible systems, and fostering an independent BDS industrial chain, the white paper noted.

“By the end of April, the BDS technology has been applied to more than 24 million terminals and over 18 million mobile phones,” Ran said.

It is expected that by the end of this year, up to 50 million mobile phones will have been installed with domestic chips that will be compatible with three satellite navigation systems, namely the BDS, GPS and Russia’s GLONASS, Wang Hansheng, vice president of Olink Star, a Beijing-based company that makes navigation satellite system products, told the Global Times.

By Ding Xuezhen Source:Global Times

Related:

China’s BeiDou navigation satellite system targets global service …

May 9, 2016 The Long March-7 rocket departed for its launch base in Hainan on … A container carrying China’s new-generation Long March-7 rocket is …

Mar 1, 2016 China space station will be completed by 2020, the super “eye” to speed up
space rendezvous … The “eye” is China’s newly developed third-generation
rendezvous and docking CCD optical imaging sensor. It will be used on China’s
… China’s Space Age Grows Up As U.S. Space Race ..

May 30, 2016 China plans to launch the world’s first quantum satellite that can achieve … China
space station will be completed by 2020, the super “eye” to …

Dec 28, 2011 Ran Chengqi, the Director of the China Satellite Navigation Office introduced …..
China plans to launch the world’s first quantum satellite that can achieve … China  space station will be completed by 2020, the super “eye”.

Jun 24, 2012 [Shenzhou 9: China’s 1st Manned Space Docking (Pictures)] … “Heavenly Palace
” in Chinese) is a prototype for China’s first manned space station, …… China plans to launch the world’s first quantum satellite that can achieve…
Jun 25, 2012 China has to develop her own space station due to USA ….. China plans to launch the world’s first quantum satellite that can achieve … first..

World’s first Quantum communication satellite to be launched in China against hackers


China is poised to become the first country to send encoded information from space that cannot be hacked. Scientists are making final adjustments to China’s first quantum communication satellite. The project chief describes it as a revolution in communications.

China will launch its first experimental quantum communication satellite in July, according to the Chinese Academy of Sciences.

 

China is poised to become the first country to send encoded information from space that cannot be hacked. Scientists are making final adjustments to China’s first quantum communication satellite. The project chief describes it as a revolution in communications.

A quantum photon cannot be separated or duplicated, which means if someone tried to decode information, the encryption would change, and the receiver would know that his letter was opened by someone.

Scientists hope the new technology will protect China from future cyber issues. In 2015, cases involving information technology in China rose by more than 120 percent, according to survey by a non-profit cybersecurity institution. China plans to use its quantum satellite system to cover the planet by 2030.

On the ground, China is also building its own quantum information sharing network for use in national defense and security. At some point, China plans to connect the ground network to the quantum satellite system.

It has taken five years for Chinese scientists to develop and manufacture the first quantum satellite. In June, it will be transported to the Jiuquan Satellite Launch Center in southwest China for final preparation and launch in July., 2016

China wins space race to launch world’s first ‘quantum communication’ satellite in fight against hackers

Related posts

May 9, 2016 The Long March-7 rocket departed for its launch base in Hainan on … A container carrying China’s new-generation Long March-7 rocket is …
Mar 1, 2016 China space station will be completed by 2020, the super “eye” to speed up space rendezvous … The “eye” is China’s newly developed third-generation rendezvous and docking CCD optical imaging sensor. It will be used on China’s … China’s Space Age Grows Up As U.S. Space Race … Jun 25, 2012 .
%d bloggers like this: