China Implicated In Hack Of French G20 Files

Hackers using Chinese web addresses tried to steal G20 documents from the French finance ministry
The French finance ministry has been targeted by hackers using Internet addresses in China, in a cyber attack aimed at stealing files on the G20 summit held in Paris in February.
Budget minister Francois Baroin said that an investigation into the incident is underway, and that the government is following up leads. The claims were first revealed by Paris Match magazine, which said that more than 150 computers at the finance ministry were affected last year.
“What was targeted, it seems, was the organisation of the G20,” Baroin told Europe 1 radio. He confirmed that the details of individual French taxpayers had not been compromised.

Professional hackers

Patrick Pailloux, director general of the French National Agency for IT Security, told the magazine that the perpetrators were professional, determined and persistent. “It is the first attack of this size and scale against the French state,” he said.
According to David Harley, senior research fellow at ESET, the attack was most likely to have been carried out with targeted Trojans, using information specific to the organisation and even to targeted individuals, to persuade them to open a malicious attachment.
“This could be a program file passed off as something else, or embedded in or attached to a document (e.g. a spreadsheet or PDF),” Harley told eWEEK Europe. “These are common spear-phishing techniques used in espionage, often using a known vulnerability or even a zero-day in order to increase the likelihood of the malicious object being opened/executed.”
There is no evidence that the Chinese government is responsible for the hack, but Paris Match quoted an anonymous official as saying that “a certain amount of the information was redirected to Chinese sites”.
Harley explained that, although the Chinese connection has not been proved, there are hacker groups in China specialising in this sort of attack and claiming to be funded – directly or indirectly – by the military and/or government.

China denies hacking

The Chinese government has consistently denied supporting hacking, despite several high-profile incidents involving Google, Morgan Stanley and Yahoo, among others. At the end of last year it was revealed by the Ministry of Public Security that hundreds of computer hackers had been arrested in China in 2010, as part of a large-scale crackdown on cyber crime.
“Currently the situation regarding cyberattacks in China is still extremely grim, and hacking attacks domestically are still widespread,” the ministry said in a statement.
State media in China warned at the time that military commanders should be seriously considering how to tackle the challenge of information and Internet security, and deal with the issue of cyberwarfare.
In this case it is thought that China may have wanted to get its hands on a list of targets drawn up at G20 for reducing imbalances in the global economy. The Chinese government had resisted calls at the summit to target exchange rate valuations, currency reserves and economic surpluses.

Top student faces jail time in alleged grade-hacking scheme

Tyler Coyner, 19, is facing anywhere between two and 10 years in jail for allegedly hacking into his high school's computer system to inflate his grades. The Nevada student is one of 13 others facing similar charges. Police allege Coyner also bumped up grades of his friends in exchange for money.
Nye County Sheriff's Office
Kenyon Wallace Toronto Star
Some people will do anything to be at the top of their class.
A Nevada teenager could be facing anywhere between two and 10 years in prison for allegedly hacking into his high school’s computer system to bump up his grades.
Police say 19-year-old Tyler Coyner increased his own grades and those of 12 other students for a fee after somehow obtaining the password for Pahrump Valley High School’s grading program. Police allege that Coyner not only bumped up the grades of his fellow students, but also increased his own grades so dramatically that he qualified as his high school’s salutatorian — a title given to the graduate with the second highest marks in the school.
“Obviously some of the motivation must have come from the competition, but there’s really no way to be certain,” Detective David Boruchowitz of the Nye County Sheriff’s Office told the Star. “He clearly wanted to be the best.”
Boruchowitz said police believe Coyner began to alter the grades over a two-semester period beginning in 2009 during his last year of high school. Coyner and the 12 other students who allegedly paid to have their grades increased — a felony in Nevada — are facing conspiracy and forgery charges that carry punishments of between two and 10 years in prison, Boruchowitz said.
“All that just for changing the grades.”
When a Star reporter contacted Coyner’s residence Monday, a man who answered the phone hung up before a request for comment could be made.
A profile of Coyner in the Pahrump Valley Times, published on the occasion of his appointment as his high school’s salutatorian, quotes the teenager as saying he was keen to go to an Ivy League school — either Harvard or Stanford — with the ultimate goal of becoming a hedge-fund manager.
“Nothing will change for you; you have to make an effort to make a better future,” Coyner told the newspaper. “Being responsible is one of the key things to being successful.”
Of his time at high school, Coyner was quoted as saying: “Even the mistakes I’ve done were worth it.”
The profile reports that Coyner attained a 4.54 grade point average.
In his salutatorian speech, posted on YouTube, Coyner is seen speaking to a crowd about what his high school experience meant to him.
“I changed for the better, learning what it meant to be a student at PVHS and taking initiative in completing assigned work, well sort of,” he tells the audience. “As humans we make mistakes for a reason. So learn from them.”
To add to his worries, Coyner is also facing burglary charges in an unrelated case. Police say that during their investigation into Coyner’s alleged grade-hacking scheme, they executed a search warrant of his dorm room at the University of Nevada, where he now studies. They discovered a stolen television, a fake driver’s licence, and several fake ID cards. Police allege the TV was stolen from a Wal-Mart in Pahrump before Coyner left for university.
Also charged in this investigation is Coyner’s university roommate, 19-year-old Mathew Miller.

Spending a Saturday hacking up a storm

But, in just a few hours on a recent Saturday afternoon, two Ottawa app developers solved the problem.
Brad Miller and Jevin Maltais created Reservely, an application that makes online reservations with any restaurant in the world faster and easier.
Users simply find a restaurant on a map and enter their name, number of requested seats, preferred time and a phone number. Reservely then contacts the restaurant automatically via voice and replies with a confirmation of the reservation.
The application was designed during the first HackOTT, one of the latest in a growing number of one-day contests that bring dozens of developers together in a single “pressure-cooker” environment.
Almost 75 mostly Ottawa-based developers registered for the event, held at Shopify’s ByWard Market offices late last month, designing 15 mobile and web applications by the end of the day. Besides Reservely, other apps developed at HackOTT included a movie trivia game, a digital rain check system for online stores, and a coffee-shop recommendation program that calls upon a user’s social network for advice.
“We need more of (these events),” said Edward Ocampo-Gooding, Shopify’s developer advocate and one of the organizers of the event.
“It brings the development community together … and the tighter these relationships, the better.”
One of the notable features of HackOTT was the involvement of seven commercial APIs, or application programming interfaces, including Shopify, Zip.ca and YellowPages.ca.
Edward Ocampo-Gooding, a developer advocate at Ottawa's Shopify, and Leila Boujnane, CEO and co-founder of Idée Inc., were two of the organizers of HackOTT. (Photo courtesy of J.R.R. / Shopify)
Late last month, 75 computer program developers, either working alone or in small teams, completed 15 computer and smartphone apps in six hours. This “Hackfest” took place inside the head office of Ottawa-based e-commerce platform provider Shopify. (Image courtesy J.R.R. / Shopify)
In simplified terms, an API is essentially the “door” allowing a developer to write a new program that connects to an existing application.
In the case of Reservely, the developers used the YellowAPI to access the phone numbers of restaurants, and plotted them visually using the Google Maps API.
Companies like Shopify get to see fresh, creative twists to their products that their staff may not have yet thought about, and also meet talented programmers they may eventually recruit to work for the firm.
Developers, meanwhile, learn more about Canadian APIs they can use to build new products and even companies, said Leila Boujnane, one of the organizers of HackOTT.
“Developers don’t necessarily have the time to meet each other … (and) creating a competitive environment brings out the best in everyone,” added Ms. Boujnane, who is also CEO of Idée Inc., the Toronto-based firm behind TinEye, billed as the world’s first reverse image search engine.
She organized the first Hackdays last May in Toronto, which sold out in 24 hours. Both the Toronto and subsequent Montreal version attracted about 40 participants.
The strong showing at HackOTT already has Ms. Boujnane contemplating a return.
“We’ll be back,” she said. “Something built here might change the world.”

Post Hacking Incident: Google Resolves to Make Changes

Recently, Google had to combat a malware program that had stealthily made its way into more than 50 Android apps. The program, known as DroidDream, has the capacity to steal info from mobile devices and to perpetuate the problem by downloading other malware onto the phone.
On Saturday, Google addressed the problem by using a program that remotely erased the application from the thousands of phones that had been infected with DroidDream. Anyone who is affected will also be receiving an explanatory email from Google over the next three days, according to Android’s head of security, Rich Cannings.
Google is also implementing a mandatory update known as “Android Security Market Tool March 2011,” which will fix the gaps in security that DroidDream was able to manipulate. Phones running the Gingerbread system were not affected by DroidDream, but phones that run anything below Android 2.2.2 were vulnerable to the breach of security.
DroidDream is a particularly malicious program because it gains access to both the phone’s International Mobile Equipment Identity number as well as the SIM card’s International Mobile Subscriber Identity number. And that’s only the first step! DroidDream then sends those two identification numbers to a location in California, and then the second stage of the malware program is initiated. During the second stage, DroidDream downloads another app that prevents users from uninstalling the application (or seeing it). It then exploits the device for further information, including data on userIDs, phone model, product ID, and country info. From this point, it is able to download other malware as well.
According to Lookout Mobile Security, “The first phase of the malware served to gain root access on the device while the second phase predominantly serves to maintain a connection to the command-and-control server to download and install other files…Because we have not seen the command-and-control server issue commands to download additional applications we cannot divine their exact purpose. However the possibilities are limitless.”
Google has since removed apps that were infected with DroidDream, and has contacted law enforcement.

Sources That Contributed To This Article:
GOOGLE
Lookout Mobile Secur

Bryant to demand phone-hacking answers

Chris Bryant will address the phone-hacking scandal in the Commons on Thursday.
A Labour MP will demand answers about the News of the World phone-hacking scandal later this week.
Chris Bryant has tabled a speech in the Commons to discuss evidence of widespread phone-hacking at the NOTW. There will be a formal government response to his comments and a subsequent debate.
The revelations that journalists illegally intercepted celebrities' resulted in the jailing of royal editor Clive Goodman and private detective Glenn Mulcaire in 2007.
Since then evidence has emerged that the practice was more extensive, casting doubt on the depth of Scotland Yard's original investigation.
Mr Bryant, who thinks he was a victim of hacking, has been critical of the conduct of the police investigation. The shadow cabinet minister is seeking a judicial review because Scotland Yard did not inform him that he was a likely victim.
Mr Bryant told the Independent the original investigation raised questions about the conduct of the Met.
"It has become apparent that the extent of phone hacking is greater than either News Corporation or the News of the World have admitted to. Indeed, it would seem it was far more substantial than that found by the original investigation that the Metropolitan Police could be bothered to mount," he said.
He said there had been a "political aspect" to the investigation.
"What was the purpose behind all this phone hacking? Ultimately, I think its purpose was murky and nefarious. It raises questions of just who runs Britain

Domain.com Recommends Thawte SSL to Prevent Wi-Fi Hacking

High profile celebrity and top six most popular Twitter user Ashton Kutcher's Twitter account was recently hijacked when he attended the TED 2011 Conference on March 2, 2011. The hacked account sent a tweet that read "Ashton, you've been Punk'd. This account is not secure. Dude, where's my SSL?" SSL stands for Secure Sockets Layer and is a technology that encrypts communications between a web server and web browser to ensure that data passing between the two cannot be intercepted. The implicit message is that if your website collects personal information of any kind, it needs to use SSL encryption. To prevent the increasingly prevalent practice of HTTPS hijacking, sometimes called "sidejacking", Domain.com recommends Thawte SSL certificates.
A recent The New York Times article from February 16, 2011 titled, "New Hacking Tools Pose Bigger Threats to Wi-Fi Users," highlights the danger of being a hacking victim. Darren Kitchen, the host of Hak5, a popular video podcast about security and hacking with an audience of over 60,000 viewers a week, emphasizes how easy it is to hijack websites.
"The scary reality is that it no longer takes technical skills to steal your most personal information," said Kitchen. "Cookie sniffing and Firesheep sidejacking is just as easy as browsing the web."
Firesheep is a free hacking program that makes it easy for people to steal passwords on unsecured Wi-Fi networks. The program, which has been downloaded by over a million people, collects user information and shows it in a Firefox browser window. When users enter their password on high-traffic websites like Twitter or Amazon.com, the password is initially encrypted; however, the web browser's cookie is often not encrypted. Firesheep harvests the cookies and makes them available so malicious hackers can have full access to other users' accounts.
Popular websites including social networks like Facebook® are boosting security for their users. Facebook recently added HTTPS to secure all communications between browsers and Facebook web servers to prevent any potential sidejacking activities through Firesheep.
Domain.com's line of SSL products includes Thawte SSL 123, a low-priced SSL certificate available for $42.99 per year. This product features quick validation and immediate issuance, making it ideal for existing corporations or ecommerce websites to install the certificates.
"Sidejacking is happening right now at coffee shops all across the world," said David Andrews, Brand Manager for Domain.com. "Website owners need to know their sites must have SSL encryption. To protect their site visitors, every business should consider using Domain.com's Thawte SSL."
To learn more about Thawte SSL 123 and other SSL products through Domain.com, visit: www.domain.com/ssl/.
ABOUT DOMAIN.COM
Helping entrepreneurs and businesses become successful online since 2000, Domain.com offers high quality, reliable Web hosting and domain name registration services at the most affordable prices in the industry. Domain.com's full range of solutions to create and market websites includes Web hosting, VPS hosting, Email, SSL certificates, website design, and email marketing. For more information visit: www.domain.com.

Hackers who hack with white hats

A white hat hacker

Computer hackers who hack to reveal the flaws in computers and phones gather to compete for big cash prizes.


Jeremy Hobson: In western Canada this week computer researchers and hackers are converging. They're competing in the annual Pwn2Own hacking contest. And they're hoping to walk away with hundreds of thousands of dollars in prizes from Hewlett Packard and Google. It's one of the few ways the people who ferret out all the bugs that infest our software can actually get paid, as Marketplace's Steve Henn reports.

Steve Henn: "Pwn." It's geek-speak for dominating someone on a video game or hacking a computer and taking it over -- owning it.
For years, Charlie Miller has pwnd Pwn2Own. He's won the contest three years in a row. His target? Apple.
Charlie Miller: For a while I was doing it because no one believed Apple products could be hacked.
Not true. Charlie's hacked Apple left, right and center. He once figured out a way to send text messages to an iPhone, break it open, steal your passwords, download your bank balance.
Miller: And there was a guy from Apple there and I saw that as soon as it happened, he was on his cell phone dialing home to Apple and telling them the problem and how to fix it. It was worth it just to see the panicked look on his face.
But when Charlie finds something like that, Apple doesn't pay him a cent. So in the last year, many professional security consultants like Charlie have stopped sharing the flaws they find except in contests like this.
In the hacking wars, these are the good guys and some of the best are on strike.
In Silicon Valley, I'm Steve Henn for Marketplace.