Thursday, June 9, 2011

Hackers warn NHS over security

A notorious hacker group has warned the NHS that its computer networks are vulnerable to cyber attack.

Lulz Security, which claims to have been behind a recent hack on Sony, sent an email to NHS administrators revealing it had found a way to breach the service's network.

But the Department of Health was quick to deny that any patient information was at risk.

The hackers said they did not intend to steal any data.

Styling themselves as "pirate ninjas", LulzSec posted on Twitter the e-mail it sent to the NHS.

No harm

"While you aren't considered an enemy - your work is of course brilliant - we did stumble upon several of your admin passwords," the e-mail read.

It lists the stolen information - but blacks out the names in the tweet.

"We mean you no harm and only want to help you fix your tech issues," the mail continued.

The Department of Health played down the warning.

"This is a local issue affecting a very small number of website administrators. No patient information has been compromised," a Department of Health spokesperson told the BBC.

"No national NHS information systems have been affected. The Department has issued guidance to the local NHS about how to protect and secure all their information assets."

Like many hacker groups, LulzSec appears to be a loosely organised collective with no-one really in charge.

It claims to specialise in finding poorly protected websites to attack. Information they steal is sometimes posted to the web.

The group has made the headlines in recent months for a number of hacking attacks.

At the beginning of June it claimed to have broken into servers that run SonyPictures.com and accessed the details of a million users.

A day later it claimed to have hacked Nintendo's website.



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement | WordPress Tutorials

Nokia tech chief to go 'on leave'

Nokia's chief technology officer Rich Green has taken a leave of absence from the mobile phone giant.

An official Nokia statement said he had left to resolve a "personal matter" and gave no date for his return.

However, a Finnish newspaper quoted sources inside Nokia saying he had left because of differences over strategy and would not return.

Mr Green was known to champion the MeeGo mobile operating system which Nokia recently sidelined.

That decision was brought about by Nokia boss Stephen Elop's decision to adopt Microsoft's Windows Phone software for its smartphones.

Tech change

Finnish newspaper Helsingin Sanomat cited unnamed Nokia sources who claimed that Mr Green's departure was linked to the MeeGo decision. In particular, it said, Mr Green was unhappy with Nokia's decision to abandon plans to produce phones built around the system.

In its statement, Nokia said Mr Green's absence would have "no impact on our product strategy or our expected product launch timelines".

Rich Green joined Nokia in early 2010 following a 19 year stint at Sun Microsystems where he latterly oversaw the move of Java code onto mobile phones.

When he was appointed, he was Nokia's fourth chief technology officer in five years. The company said that Henry Tirri, currently head of Nokia's research labs, will take over the post of technology boss.

The news of Mr Green's departure caps a rough month for Nokia in which it announced that sales of its phones during the second quarter of the year would be substantially below previous forecasts.

Ian Fogg, an independent industry analyst, declined to comment specifically on Rich Green's departure but said the transformation Nokia was currently going through was fast and far reaching.

Senior management at Nokia have had to make some very hard decisions about its older projects and products, he said, adding that the strategy switch to Windows had to take the entire company along with it.

This was essential to ensure Nokia could get on with the job of producing Windows Phone handsets, explained Mr Fogg. However, he expressed concern that the company was moving fast enough.

"Nokia has to bring Windows Phone devices to market quickly," said Mr Fogg. "It has to execute faster. They need those devices to be shipping."



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement | WordPress Tutorials

Citibank confirms hacking attack

Hackers have stolen data from thousands of Citibank customers in the US, the bank has confirmed.

The breach exposed the names of customers, account numbers and contact information.

But other key data, such as date of birth and card security codes were not compromised, the bank said in a statement.

Citigroup is the latest in a string of high profile companies to be targeted by cyber criminals.

It has been criticised for not telling customers about the breach when it happened in May.

"We are contacting customers whose information was impacted. Citi has implemented enhanced procedures to prevent a recurrence of this type of event," a Citi spokesman said in a statement to the Reuters news agency.

High alert

Around 200,000 customers were affected the statement said although earlier the bank had said it could affect up to 1% of its 21 million users.

It did not detail how the breach had occurred.

Security experts said the thieves may try to get hold of more information from those targeted.

"While Citi customers aren't likely to have fraudulent charges against their accounts as a result of this breach, they are likely to encounter social engineering attempts to enable further crime," blogged Chester Wisniewski, a consultant for security firm Sophos.

"Customers affected by this incident should be on high alert for scams, phishing and phone calls purporting to be from Citibank and their subsidiaries," ge added.

Citigroup in the latest firm to be hacked in recent weeks. Japanese electronics group Sony is still recovering from the theft of millions of pieces of data from its network.

While security firm RSA has offered to replace the 40 million secure tokens used by people to log into banks after it emerged that key data that operates them had been stolen in March.



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement | WordPress Tutorials