Share This

Showing posts with label Hacker. Show all posts
Showing posts with label Hacker. Show all posts

Monday, 1 August 2016

Take precautions on public wifi, hackers are watching you, travellers !


http://www.thestar.com.my/news/nation/2016/08/01/take-precautions-on-public-wifi-cybersecurity-firm-hackers-can-gather-sensitive-data-via-unsecure-co/

KUALA LUMPUR: If you are surfing the Internet on a public Wi-Fi, always assume someone is watching you out there.

Better yet, do not connect to any public Wi-Fi at all, said LE Global Services (LGMS) executive director Fong Choong Fook, whose private cybersecurity firm employs hackers to test the network security of the country’s major banks.

“I would never use a public Wi-Fi,” he said.

“Even an IT person may not be able to tell if the access point he is connected to is safe or if the activities are being watched.

“There may be signs like your Internet is slowing down but hackers can make it so elegant that you won’t even notice,” he said in an interview.

Malaysia’s national cybersecurity agency CyberSecurity Malaysia (CSM) said hackers could position themselves between a person’s device and the Wi-Fi router and are able to record sensitive data that the surfer is keying into his device.

Hackers can also “create” their own Wi-Fi and trick people into thinking they are connected to a credible public access point like the one from a restaurant, airport or office – when in actual fact these devices are connected to the criminals’ hardware.

Thus, they would be able to remotely watch everything a person is sending out on the Wi-Fi like passwords, e-mails or credit card information.

As frightening as these attacks may sound, Fong said this had been going as early as the 1990s.

Demonstrating to The Star how a hacker could steal information, LGMS set up an “evil twin” Wi-Fi using a laptop and named it after a famous franchise restaurant just below its office in Puchong, Selangor.

Fong connected two devices to this Wi-Fi and proceeded to log into social media, e-mail and Government websites.

Within seconds of logging in, the hacker’s computer began recording the activities in both devices in the experiment – recording every e-mail address, username and password that was keyed in.

Though the demonstration was only meant for the devices in the controlled environment of the LGMS office, three other users got connected to the dummy Wi-Fi, thinking they were linked to the franchise restaurant’s Internet, during the experiment.

“Hackers can target one specific person or they can target everyone in a cafe to get their devices to send all their data through their dummy Wi-Fi

“When they have your information, they can steal your identity. They can pose as you on Facebook, or send out e-mails to your contacts under your account,” he said.

Fong advised users to avoid connecting to public Wi-Fi or to only limit their browsing to Internet searches if they must connect to one.

The firm also suggested users to subscribe to VPN (virtual private network) technologies to secure their traffic.

VPN encrypts data on devices, making it hard for hackers to spy on the user’s online activities. Most VPNs are available on a subscription basis, much like an anti-virus programme.

So far this year, CSM has recorded eight instances where private Wi-Fi networks were hacked and 1,462 cases of online intrusions have been reported, which is nearly double the number of incidents compared to the same period in 2015.

It advised users to keep their Internet browsers up to date and to disable the feature which automatically saves password in the cache –as it makes it easier for criminals to steal.

by Nicholas Cheng The Star/Asia News Network

82% of travellers would use public Wi-Fi



KUALA LUMPUR: You are on a holiday in a foreign country. Naturally, you want to upload pictures to your Facebook or send messages to your friends back home or trawl the Internet for places to visit.

Chances are there is no Internet data connection where you are and you would search for whatever free Wi-Fi there is at the airport, hotel or cafe to stay connected.

An estimated 82% of travellers would choose to connect with unsecured public Wi-Fi, a practice which could up risks of cyberattacks, said Kasper­sky Lab.

The cybersecurity company surveyed 11,850 people worldwide and found that people on holiday would be carefree when it comes to their personal data protection.

The study found that 42% of travellers said they were less likely to care about the credibility of the Wi-Fi when they were on holiday compared to on business travels.

A third (33%) admitted to visiting websites of sensitive nature using foreign Wi-Fi, while almost half of the respondents conducted online banking (48%), shopped online (46%) and made private calls (35%) when they were abroad.

In a separate study, it found that at least 22% of travellers who conducted transactions online had experienced money loss while 8% had had a credit card compromised while in a foreign country.

Most of the time, victims do not even know they are being watched.

CSM advised users to keep an eye on their devices’ firewall alerts. Any trigger may indicate that a third party may be trying to access their devices illegally.

A report by MasterCard estimates that 10.9 million Malaysians travelled for overseas holidays in 2014, with the numbers expecting to hit 15.2 million by 2020.

The Kaspersky study also found that people were more likely to throw caution to the wind while on holiday with respondents saying they were 18% more likely to let strangers handle their smartphones to take pictures, 28% more likely to leave their devices unsupervised, 18% more likely to contact strangers online and 6% more likely to engage in “sexting”.

Related posts:


Jun 14, 2012 ... Hackers may cause Internet users to become victims of Evidence Act ... According to Cybersecurity Malaysia, an average of eight personal accounts ... special devices in the market that enabled anyone to “sniff” WiFi networks.


Dec 21, 2014 ... 2014 has seen a tsunami of epic hacks and identity thefts, including the ... said the prominent data leaks of 2014 would keep cyber security in ...

Friday, 25 March 2016

Chinese hacker pleads guilty, deserves respect whether guilty or innocent


A Chinese national named Su Bin pleaded guilty in the US on Wednesday to conspiring to hack into the computer networks of several major US defense contractors to obtain sensitive information, according to a US Department of Justice statement. The information allegedly includes technical files about F-22 and F-35 fighter jets and C-17 military transport aircraft.

The statement says "Su Bin admitted to playing an important role in a conspiracy, originating in China," where he has two accomplices. Some US media have conjectured that the two accomplices must be Chinese military personnel.

Su was arrested in Canada in July 2014, and was handed over to the US this February. The Chinese government has denied any involvement in Su's case, and the Chinese Ministry of Foreign Affairs has asked the US to ensure the privacy and legal rights of Chinese citizens on US soil.

Plea bargaining is a common US judicial practice. Defendants can plead guilty in exchange for softer punishments. The disadvantage of this practice is that it is hard to know what the defendants truly think, and whether there might be any wrongs in the judgments.

Every country is gathering intelligence. The largest and most well-known information-collecting agencies are the CIA and FBI in the US. The FBI has even listed China as their top target. Recent years have seen the FBI arresting quite a few "Chinese spies," but most of them proved to be innocent. In the meantime, China has kept a low profile in reporting the exposure of US spies out of various considerations.

In most cases, governments won't acknowledge these spies after they have been caught. For example, whenever China intercepted spies from Western countries, the governments they served routinely denied any connection and even mobilized the Western media to attack China's human rights and win over sympathy.

We have no reliable source to identify whether Su has stolen these secrets and transferred them to the Chinese government. If he has, we are willing to show our gratitude and respect for his service to our country. On the secret battlefield without gunpowder, China needs special agents to gather secrets from the US. As for Su, be he recruited by the Chinese government or driven by economic benefits, we should give him credit for what he is doing for the country.

If Su was wronged and forced to plead guilty, he should have our sympathy. As the "war of information" between China and the US continues, there will probably be more Chinese framed as spies and jailed in the US. This is a tragedy of the times, and we hope the Chinese working in sensitive professions in the US can protect themselves.

At the helm of international public discourse, the US is able to define whether certain activities are espionage or not. When US espionage is exposed, the US media will try to divert public attention and tone down the case. But when the CIA or FBI catches suspects, hyperbole about these cases makes headlines in US media.

The most infamous case is that of Edward Snowden, who revealed the global US surveillance program PRISM. The whistleblower is wanted by the US government, which refuses to reflect on its behavior, but keeps criticizing China for espionage without solid proof.

China lags behind the US in technology. The existence of US cyberspace military forces is openly known to the public, and its capability is way higher than Chinese "hackers." But it doesn't mean that China cannot fight back in the face of ill-founded US accusations of Chinese spies. China should uncover Washington's brazen hypocrisy with concrete evidence. - Global Times

Related posts:
 
Jun 23, 2013 ... Revelations about PRISM, a US government program that harvests data on the ... against the US Internet surveillance program of the NSA, PRISM, .... US Spy Snowden Says U.S. Hacking China Since 2009 ... Labels: civil liberties , Computer hackers , Cyber Attacks , Edward Snowden , Espionage , FBI ...

May 21, 2014 ... Documents leaked by former Central Intelligence Agency contractor Edward Snowden detailed the National Security Agency's (NSA) ...

May 20, 2014 ... After the Prism program leaked by Edward Snowden, the United States was accused by the whole world. However, it has never made ...
Oct 31, 2013 ... ... intelligence whistleblower Edward Snowden.A top secret map dated August 13 , 2010 lists nearly a hundred surveillance facilities worldwide, ...


Jun 4, 2014 ... In June 2013, Edward Snowden, a former US National Security Bureau contractor, revealed US intelligence agencies were conducting ...
May 22, 2014 ... ... charging five Chinese nationals of alleged commercial espionage, citing Edward Snowden's revelations of US spying operations worldwide.

A spokesperson for China's State Internet Information Office on Monday published the latest data of U.S. cyber attack, saying that Chinese... 


As the most notorious surveillance country, the U.S. indictment of Chinese military officers seems almost insolent in a world still reeli...

Sunday, 6 November 2011

Malaysian hacker jailed in US


By JOSEPH KAOS Jr  joekaosjr@thestar.com.my

WASHINGTON: A US District judge sentenced a Malaysian to 10 years in prison for hacking into the US Federal Reserve and other banks.
United States - Federal Reserve System
Lin Mun Poo, a Malaysian citizen, had admitted earlier this year to hacking into the US central bank, various private financial institutions and possessing stolen bank card and credit card numbers, officials said.

According to AFP, he also admitted to hacking into a Fed computer server and installing a malicious software code there.

Lin, who is from Ipoh, travelled to the United States in October last year “for the purpose of selling stolen credit card and bank card numbers” but a purchaser was in fact an undercover US agent, according to prosecutors.

When he was arrested, Lin held over 122,000 stolen bank card and credit card numbers.

The US Justice Department said Lin's “cybercrime activities also extended to the national security sector”, including hacking into the computer system of a Pentagon contractor that provides systems management services for military transport and other military operations.



“Today's sentence sends the message to hackers around the world that the United States is no place to conduct their business,” US Attorney Loretta Lynch said in a statement on Friday.

Dhillon Andrew Kannabhiran, founder and chief executive officer of hackers community Hack in The Box, said the stiff 10-year sentence was meant to deter hackers from hacking into government networks.

“Details of the case are not clear to me, but you can argue that 10 years for computer crime is harsh by any standards,” Dhillon told The Star.

“It's definitely a sentence which is meant to send a message.”

Dhillon said the hacker was “asking for trouble”.

Hacking is a tool. Just like a knife can be used by a chef to prepare a meal or to stab someone. It is your motives that sets you apart. People who use their skills to commit financial fraud are not hackers, but just criminals,” he said.

Lin, according to a fellow hacker, deserved his punishment.

“Most hackers have the skills to breach a computer security system. But once you use your skills for malice, then you have committed a crime,” said a computer security consultant who wished to be identified as Sam.

“If you are caught, you deserve to be punished like any other criminal.”

Sam said most people with hacking expertise, like himself, were hired by companies to “test” their computer security system.

“Most of us use our skills to make a decent, legitimate living.”

 Related post: