Monday, June 13, 2011

Hackers break into US Senate site

US officials said they have ordered a security review after hackers managed to break into the Senate website at the weekend.

An official said the incident had been "inconvenient", but had not compromised the security of the staff.

The confirmation came after Lulz Security, a loosely aligned group of hackers, said it had carried out the attack for fun and posted files online.

Lulz has previously targeted Sony, Nintendo and Fox News.

Senate Deputy Sergeant-at-Arms Martina Bradford said the hacking had been noticed at the weekend, and that officials were now reviewing all the sites hosted on Senate.gov.

"Specifically, there is no individual user account information on the server supporting senate.gov that could have been compromised," she said in a statement.

Lulz Security posted files online which indicated they had been in the Senate network. However, none of the files appeared to be sensitive.

"We don't like the US government very much," Lulz Security said at the top of a release.

"This is a small, just-for-kicks release of some internal data from Senate.gov - is this an act of war, gentlemen? Problem?" it added.

The US recently said it would consider cyber attacks an "act of war", and reserved the right to respond to attacks with conventional means if they were found to have been orchestrated by a nation state.

Lulz is a reference to internet-speak for "laugh out loud".



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement | WordPress Tutorials

Facebook juror in court hearing

A juror who allegedly contacted a defendant via Facebook faces Contempt of Court proceedings in a legal first.

Joanne Fraill is accused of contacting Jamie Sewart, a defendant in a trial that subsequently collapsed.

The contact led the judge to discharge the jury in the massive 10-week drugs trial.

The pair face up to two years in prison if found guilty at the hearing at the High Court in London on Tuesday.

The case, brought by the Attorney General Dominic Grieve QC, is being heard by the Lord Chief Justice, Lord Judge.

Another man who was convicted and jailed in the case is appealing, claiming jury misconduct in the aborted trial that took place last year in Manchester.

Earlier this year, the attorney general sought permission at the High Court to bring the proceedings against Ms Frail, of Blackley, Manchester, and Ms Sewart, of Bolton.

The alleged contact occurred after Ms Sewart had already been acquitted but the jury had still to reach verdicts on other defendants.

Ms Fraill is also said to have conducted internet research on defendants, despite instructions from the judge to only decide the case on the evidence in court.

Angus McCullough QC, for the attorney general, told the High Court: "Ms Fraill contacted Ms Sewart via the internet and conducted an online conversation with her.

"The discussion took place at a time when the jury still had outstanding verdicts to return on the case.

"That contact and discussion were in direct breach of the judge's repeated directions to the jury that they should not discuss the case with anyone outside their number, and constituted a contempt of court.

"Ms Fraill also conducted internet searches on the defendants she was trying."

In a speech last year, the Lord Chief Justice warned that jurors could go to jail if they searched the internet for information on defendants. At the time of the speech, he said that he knew of one rape trial which had been stopped because of online research by jurors.

"It is at least arguable that for a juror to examine the internet for information relating to the case is a contempt of court, and a criminal contempt," he said.

"One consequence of the use, or rather misuse of modern technology in the course of the trial would be that they may be liable to a finding of contempt of court, and indeed a sentence."

Have you served on a jury and do you have concerns about how the internet and social media may be used by jurors in court cases and interfere with justice? What do you think courts can do to ensure a fair trial? Send us your comments using the form below.



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement | WordPress Tutorials

Government 'may have hacked IMF'

Hackers who broke into the International Monetary Fund's computer system may have been backed by a nation state, according to security experts.

They point to the sophisticated nature of the attack and the resources needed to develop it.

Malicious software, designed to steal confidential files, was installed on at least one IMF computer.

Although government involvement is widely suspected, the IMF has not released enough details to be sure.

Digital insider

Based on the limited information made public, it appears that the attack came from a specific PC that had been deliberately infected.

Hacker software was likely to have been installed on it in what is known as a spear-phishing attack, which sees highly targeted scam e-mails sent to specific victims.

A memo circulated internally at the IMF reported that "suspicious file transfers" had been detected.

Tom Kellerman, a security expert who has worked for the IMF and now sits on the board of the International Cyber Security Protection Alliance told Reuters news agency that it was "a targeted attack" with code written specifically to give a nation state a "digital insider presence" on the IMF network.

Graham Titherington, a security analyst with research firm Ovum agreed with the nation state theory.

"Any attack that shows money, time and resources went on it points to a state attack. States and their intelligence agencies have far more resources than criminal gangs," he said.

The information held by the IMF would be clearly be most valuable to a country, he added.

"It has masses of economic information from the performance of countries to the state of their balance sheets. For countries deciding where to invest it is invaluable," he said.

State-sponsored hacking has gained prominence in recent months.

"Google shifted the debate by going public on a hack attack believed to be by China," said Mr Titherington.

The Chinese government has denied involvement in the recent attack on Google's e-mail accounts.

The incident compromised the personal Gmail accounts of hundreds of top US officials, military personnel and journalists.

Google said that the campaign to obtain passwords originated in the Chinese city of Jinan and was aimed at monitoring e-mail.

According to Mark Darvill, director of security firm AEP Networks, many countries are involved in cyber espionage but China remained at the "forefront".

"China has recently set up a cyber terrorism unit which is very likely to be looking at opportunities rather than to stop attacks," he said.

Convenient excuse

Not everyone is convinced that state-sponsored attacks or Advanced Persistent Threat (APTs) are the cause of the IMF hack.

Tal Be'ery, a web Research Team Leader at the Application Defense Center (ADC) said it could be a "convenient excuse".

"It is easier for organisations to hide under this excuse when really it is something lacking in their defences.

"We don't have enough credible information about the IMF attack. It needs to provide good evidence that it was a APT. It is just as likely to be a lone hacker acting out of curiosity," he said.

The most high profile state-sponsored attack to date remains the Stuxnet worm, which targeted Iran's nuclear facilities.

Experts believe the complex malicious code originated from either the Israeli or US governments.



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement | WordPress Tutorials

Spanish police hit by Anonymous

The website of Spain's national police force has been briefly knocked offline by hacker collective Anonymous.

The attack on the site was carried out in retaliation for the arrest of three Spanish men the police claimed were 'core' members of the group.

The hackers managed to keep www.policia.es offline for about an hour from 2130 GMT on 12 June.

Spanish authorities would not confirm that Anonymous was behind the attack, saying only that the site was offline.

However, a statement was posted on a website linked to Anonymous, claimed responsibility for the hack, which it called #OpPolicia.

The group said it had used a distributed denial of service attack (DDoS) which bombards a target website with so much data that it becomes overwhelmed.

A spokesman for the Spanish police said the cause of the outage had not yet been established.

"A website can collapse if too many people try to access it at once. I cannot confirm the link with the Anonymous group," said the spokesman.

In its statement, Anonymous said the DDoS attack was a "direct response to the Friday arrests of three individuals alleged to be associated with acts of cyber civil disobedience attributed to Anonymous."

The group said DDoS attacks were a legitimate form of peaceful protest. Some of its members are thought to have carried out similar attacks on Turkish government websites to protest against net censorship.

Anonymous also denied that the men arrested were part of the "core" of Spanish members of the group.

"They did not arrest any core group, because we don't have a core group," said Anonymous in its statement.



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement | WordPress Tutorials

Single cell is first living laser

A single living cell has been coaxed into producing laser light, researchers report in Nature Photonics.

The technique starts by engineering a cell that can produce a light-emitting protein that was first obtained from glowing jellyfish.

Flooding the resulting cells with weak blue light causes them to emit directed, green laser light.

The work may have applications in improved microscope imaging and light-based therapies.

Laser light differs from normal light in that it is of a narrow band of colours, with the light waves all oscillating together in synchrony.

Most modern forms use carefully engineered solid materials to produce lasers in everything from supermarket scanners to DVD players to industrial robots.

The new work, by Malte Gather and Seok Hyun Yun at the Wellman Center for Photomedicine at Massachusetts General Hospital in the US, marks the first time the phenomenon has been seen in a living system.

The pair used green fluorescent protein (GFP) as the laser's "gain medium", where light amplification takes place.

GFP is a well-studied molecule, first isolated from jellyfish, that has revolutionised biology by acting as a custom-made "torch" that can light up living systems on command.

In the new work, cells derived from human kidney cells were genetically engineered to produce GFP.

Bathed in light

The cells were then placed one at a time between two tiny mirrors, just 20 millionths of a metre across, which acted as the "laser cavity" in which light could bounce many times through the cell.

Upon bathing the cell with blue light, it could be seen to emit directed and intense green laser light.

The cells remained alive throughout and after the process. The authors note in an accompanying interview in the journal that the living system is a "self-healing" laser; if the light-emitting proteins are destroyed in the process, the cell will simply produce more.

"In cellular sensing, we may be able to detect intracellular processes with unprecedented sensitivity," they said.

"For light-based therapeutics, diagnosis and imaging, people think about how to deliver emission from an external laser source deep into tissue. Now we can approach this problem in another way: by amplifying light in the tissue (itself)."



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement | WordPress Tutorials