SEARCH CLINIC

Search engine online marketers
Subscribe Twitter Facebook Linkedin

Microsoft releases program to spot abuse images

July 27, 2015 By: Dr Search Principal Consultant at the Search Clinic Category: Cloud Computing, Dr Search, Microsoft, Search Clinic, Technology Companies, Uncategorized

Microsoft has released a free program that lets website owners spot when images of child abuse are being shared by users.

Microsoft has released a free program that lets website owners spot when images of child abuse are being shared by usersMicrosoft said that it had made the PhotoDNA tool available to tackle the 720,000 abuse images uploaded to the net every day. Many large social media networks are already using PhotoDNA to police uploaded images

Police forces, anti-abuse organisations and large social networks have been using the tool for some time to dig out the illegal images.

Microsoft said the online tool was for small firms that lack the resources to do image-checking themselves.

Spotting abuse images among the 1.8 billion pictures uploaded to online services every day was an almost impossible task, said Courtney Gregoire, a senior lawyer at Microsoft’s Digital Crimes Unit in a blogpost outlining the initiative.

While many large social networks such as Twitter, Facebook and Flipboard were already using PhotoDNA, before now it had not been available to smaller online services, she said.

“We needed an easier, more scalable way to identify and detect these worst-of-the-worst images,” said Ms Gregoire.

The PhotoDNA system has been used to analyse and classify images of child sexual abuse held by Interpol, police forces and the US National Center of Missing and Exploited Children.

The technology generates a signature or hash for each image that can be compared with any new image to see if there is a match. It can spot images it has seen before even if they are cropped or otherwise manipulated to avoid detection systems.

Many of the images shared online have been seen before and spotting people trading them can help police forces unearth abusers previously unknown to them.

The free service puts PhotoDNA in the cloud and lets websites check images uploaded by users.

FBI warns on airline hacking threat

May 23, 2015 By: Dr Search Principal Consultant at the Search Clinic Category: Computers, Cyber Security, data security, Hackers, Search Clinic, Technology Companies

The USA’s Federal Bureau of Investigation (FBI) has issued a formal alert warning airlines to be on the lookout for hackers.

Federal Bureau of Investigation (FBI) has issued a formal alert warning airlines to be on the lookout for hackersIt follows an onboard tweet from security expert Chris Roberts, who joked about being able to hack into a United Airlines plane’s wi-fi network.

A terrorist could theoretically take over systems that fly a plane by compromising equipment at their seat as an increasing number of airlines are offering onboard wi-fi to customers.

The FBI and the US Transportation Security Administration (TSA) said they had no information to support claims a plane’s navigation system could be interfered via its onboard wi-fi kit, but added that they were evaluating the evidence.

In a private industry notification posted on its website and reported by Wired magazine, the FBI advised airlines to:

  • report any suspicious activity involving travellers connecting unknown cables or wires to the in-flight entertainment (IFE) system
  • report any evidence of suspicious behaviour following a flight, such as IFE systems that show evidence of tampering or the forced removal of covers to network connection ports
  • report any evidence of suspicious behaviour concerning aviation wireless signals, including social media messages with threatening references to onboard network systems, automatic dependent surveillance systems (ADS-B), aircraft communications addressing and reporting systems (ACARS) and air traffic control networks
  • review network logs from aircraft to ensure any suspicious activity, such as network scanning or intrusion attempts, would be captured for further analysis

In his tweet, Mr Roberts suggested that he might be able to deploy the oxygen masks on the flight.

Chris Roberts’s tweet:

On arrival at Syracuse airport, Mr Roberts – who is co-founder of security company One World Labs – was taken in for questioning by the FBI, and his laptop and other devices were seized.

A few days later, he was prevented from boarding a flight to California.

He had previously given a number of interviews, explaining the possible weak points in airline systems, telling CNN that he could connect to a computer under his seat to view data from the aircraft’s engines, fuel and flight-management systems.

Security experts have warned for some years that airlines are a possible target for hackers.

Planes including the Boeing 787 Dreamliner and the Airbus 350 and A380 have a single network that is used by both pilots to fly the plane and by passengers for their wi-fi connections.

Although there were currently no publicly known vulnerabilities that a hacker could exploit, such an attack remained “theoretically possible” because all networks were inherently insecure.

Wi-fi is now common on many airlines, and most have relaxed the rules surrounding the use of gadgets during flights.

Cyber criminals raided by police

March 06, 2015 By: Dr Search Principal Consultant at the Search Clinic Category: Computers, Cyber Security, data security, Dr Search, Hackers, internet, Personal Security, Search Clinic, Technology Companies, Uncategorized

The UK’s National Crime Police Agency has arrested 56 suspected hackers in part of a “strike week” against cybercrime.

The UK's National Crime Agency has arrested 56 suspected hackers as part of a strike week against cybercrimeIn total, 25 separate operations were carried out this week across England, Scotland and Wales. Those arrested are suspected of being involved in a wide variety of cybercrimes including data theft, fraud and virus writing.

The week long series of operations was co-ordinated by the NCA’s National Cyber Crime Unit (NCCU) as well as specialist officers from regional organised crime squads and the Metropolitan Police.

West Midlands police arrested a 23 year old man in Sutton Coldfield who is believed to have been involved in breaking into the network of the US defence department in June 2014.

The biggest operation saw the arrest of 25 people in London and Essex suspected of using the net to steal money, launder cash and carry out other frauds.

The hackers behind that attack stole contact information for about 800 people and data on the network’s internal architecture was also pilfered.
line

The action also resulted in the arrest of people thought to be part of some well known hacking groups.

In Leeds, a suspected member of the Lizard Squad group was arrested, and in London a 21-year-old man was taken into custody on suspicion of being part of the D33Ds Company hacking collective.

The D33Ds group is believed to have been behind a 2012 attack on Yahoo that stole more than 400,000 email addresses and passwords subsequently published online.

Investigations about suspects in Sutton Coldfield, Leeds and Willesden were aided by forensic information provided by the FBI.

The other actions targeted alleged phishing gangs, intellectual property thieves, users of financial malware, companies that offer hosting services to crime groups, and many people who took part in so-called DDoS (distributed denial of service) attacks in an attempt to knock websites offline.

One 21-year-old man from County Durham allegedly knocked out the Police Scotland website mounting such a DDoS attack.

“Criminals need to realise that committing crime online will not render them anonymous to law enforcement,” said Andy Archibald, deputy director of the NCCU. “It’s imperative that we continue to work with partners to pursue and disrupt the major crime groups targeting the UK.”

In addition, this week the NCA coordinated visits to 70 firms to inform them about how vulnerable their servers were to attack and how they could be used by cyberthieves to send out spam or act as proxies for other attacks.

The strike week also involved four forces setting up pop-up shops to give advice to the public about staying safe online and to get their devices checked to make sure they are free of malware and other digital threats.

The problems of cyber security for small businesses

February 24, 2015 By: Dr Search Principal Consultant at the Search Clinic Category: Computers, Customer Service, Cyber Security, data security, Dr Search, Ecommerce, Hackers, Search Clinic, Technology Companies, Uncategorized

The growing problem of cyber security is becoming a big headache for small businesses.

The growing problem of cyber security is becoming a big headache for small businesses.Figures from Sophos suggest about 30,000 websites a day are being compromised by cyber hackers – most of those will be the public face of one SME or others.

Becoming a victim of a hack or breach costs smaller firms between £65,000 and £115,000, according to the PWC survey of the worst data breaches among small firms. Those worst hit will suffer up to six breaches a year, PWC suggested, so the total cost could be even higher.

For a smaller firm finding that much cash to clean up after a breach could mean the difference between keeping trading and going bust.

This lack of focus on cyber security is understandable, as most small and medium-sized enterprises (SMEs) spent most of their time on core commercial activity such as keeping customers happy, seeking out new clients and engaging in all the basic day-to-day admin needed to keep their enterprise afloat.

So worrying about computer security comes a long down their To Do lists.

However, ecommerce, websites, apps, smartphones, tablets, social media and cloud services were all now standard ways of doing business in the 21st century, he said.

Additionally, there were some SMEs that were based entirely around technology but that did not make them experts in how to keep their digital business secure.

Either way, everyone is a target and they all need to look externally to security firms for help.

Everyone is familiar with attempts to penetrate internal networks to steal payment information or customer data records but may be less knowledgeable about invoice fraud, ransomware, malvertising, or even attacks that “scrape” websites with automated tools to steal all the information about prices and products they contain.

Estimates vary on how much SMEs spend on IT security.

The most recent government figures published 18 months ago suggest SMEs with 100 or more employees spend about £10,000 per year. The smallest small firms, with less than 20 staff, spend about £200. Other estimates put the spend at about £30 per employee.

SMEs should start with the basics.

This includes anti-virus software, firewalls, spam filters on email gateways and keeping devices up to date. This, would defeat the majority of the low level threats that those busy cyber thieves are churning out.

Government advice on how SMEs can be safer revolves around a 10 steps programme that emphasises basic, good practice. It’s big on those simple steps such as keeping software up to date and applying the widely used software tools that can spot and stop the most prolific threats.

But it also stresses that smaller firms understand more about how they use data and how it flows around their organisation.

Having a good sense of where data goes and who uses it can help limit the damage if it goes astray.

Having control of that data, knowing its value and where it is going, can help a company guard against it leaking out accidentally and maliciously. For instance, having that control might help a firm spot that a server was accidentally exposed to the net and private information was viewable by anyone.

It can also help SMEs keep an eye on their suppliers and partners to ensure that data is handled appropriately.

And finally, said Mr Harrison from Exponential-e, firms need to put in place a plan for what happens when a breach or security incident does occur.

“It’s not a question of if something bad will happen,” he said. “It will, but it’s all about what they do about it.”

Police warn on cyber crime threats

April 18, 2014 By: Dr Search Principal Consultant at the Search Clinic Category: Cyber Security, data security, Hackers, Personal Security, Search Clinic, Telecommunications Companies, Uncategorized

Only three out of 43 police forces in England and Wales have a comprehensive plan to deal with a large scale cyber attack, new research has found.

Police warn on cyber crime threatsHer Majesty’s Inspectorate of Constabulary (HMIC) warned only Derbyshire, Lincolnshire and West Midlands had sufficient plans in place.

It also found only 2% of police staff across 37 forces had been trained on investigating cybercrime.

The report examined how prepared police are for a series of national threats.

Last year, the government identified five threats as priorities for police to prepare for. These are:

  • Terrorism
  • Civil emergencies
  • Organised crime
  • Public order threats
  • Large-scale cyber-attacks

As part of its Strategic Policing Requirement (SPR), the Home Office called for a nationally required policing response to counter each of the threats.

The report is the first in a series of inspections looking at how individual forces have responded to the guidelines.

HMIC inspectors said they were “struck by how incomplete the police service’s understanding of the national threats was” and that more needs to be done “collectively by all forces”.

The report called for “much greater attention” from police leaders.

“The capacity and capability of the police to respond to national threats is stronger in some areas than others – with the police response to the cyber-threat being the least well developed,” HMIC’s Stephen Otter said.

Police plans to deal with counter-terrorism, public order, civil emergencies and organised crime were in “stark contrast” with the capabilities for cyber-related threats.

Inspectors found the ability to deal with cyber-threats remains “largely absent” in some forces and that some senior officers across England and Wales are still “unsure of what constituted a large-scale cyber-incident”.

They found forces were “silent” when it came to preventing cybercrime and protecting people from the harm it causes, despite the fact it is “fast becoming a dominant method in the perpetration of crime.

“The police must be able to operate very soon just as well in cyberspace as they do on the street,” the report said.

According to the government’s definition, a large-scale cyber-incident could be “a criminal attack on a financial institution to gather data or money” or an “aggregated threat where many people or businesses across the UK are targeted”.

It also includes “the response to a failure of technology on which communities depend and which may also be considered a civil emergency”.

Basically- despite cybercrime costing the UK ecomony billions of Pounds, our plods are light years from being able to cope- let alone help us.

Moral of the story is make sure that you are as secure as you can be- because the state isn’t capable of nannying you.

Passwords- how to set and remember them

April 15, 2014 By: Dr Search Principal Consultant at the Search Clinic Category: Cyber Security, data security, Dr Search, Hackers, Personal Security, Search Clinic, Uncategorized

With the heightened risk of password hacking Search Clinic thought that it is a good time to refresh your memory on how to set- and remember your secure passwords.

Passwords- how to set and remember themDr Search of the Search Clinic visited the Cheltenham Science Festival a few years ago and attended a lecture by Toby of GCHQ on security in the computer age and posted a post at: top common passwords.

Your starter for ten is to make sure that you don’t use any of them. If you do- then you are already in trouble.

Changing passwords is something many people avoid at all costs- because they fear they will forget the new password.

However, you can make something memorable by simply using the power of association and location. In order to remember a string of online passwords, all you have to do is associate each individual letter and number with a known or fixed item, calling on your imagination throughout.

The more you stimulate and use your imagination, the more connections you will be able to make, and the more you will be able to memorise.

Memory expert Tony Buzan gives tips on how to remember new ones, which should be a long jumble of randomly generated letters and numbers.

No pet’s names- Hackers can find out a lot about you from social media

No dictionary words- Hackers can precalculate the encrypted forms of whole dictionaries and easily reverse engineer your password.

Mix unusual characters- Try a word or phrase where characters are substituted -Whyd03s1talw&ysr*in?

Have multiple passwords- If hackers compromise one system, they won’t be able to access other accounts.

Keep them safely- Don’t write them down – use a secure password vault on your phone. If you must worte them down label the file someother OTHER than passwords.

Tom from GCHQ suggested using a combination of the above, by using multiple words and numbers- with a few symbols thrown in for good measure:

wh1te-rabbt)*m0nth

Good Luck- and safe browsing.

Heartbleed bug- what you need to know

April 11, 2014 By: Dr Search Principal Consultant at the Search Clinic Category: Cyber Security, data security, Dr Search, Hackers, Search Clinic, Uncategorized

A major security flaw at the heart of the internet may have been exposing users’ personal information and passwords to hackers for the past two years.

Heartbleed bug- what you need to knowThe Heartbleed bug exists in a piece of open source software called OpenSSL which is designed to encrypt communications between a user’s computer and a web server, a sort of secret handshake at the beginning of a secure conversation.

It was dubbed Heartbleed because it affects an extension to SSL (Secure Sockets Layer) which engineers dubbed Heartbeat.

It is one of the most widely used encryption tools on the internet, believed to be deployed by roughly two-thirds of all websites. If you see a little padlock symbol in your browser then it is likely that you are using SSL.

Half a million sites are thought to have been affected.

In his blog chief technology officer of Co3 Systems Bruce Schneier said: “The Heartbleed bug allows anyone to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the name and passwords of the users and the actual content,” he said.

“This allows attackers to eavesdrop communications, steal data directly from the services and users and to impersonate services and users,” he added.

The bug is so serious it has its own website Heartbleed.com which outlines all aspects of the problem.

Some security experts are saying that it would be prudent to change your passwords- although there is a degree of confusion as to when and if this needs to be done.

Some point out that there will be plenty of smaller sites that haven’t yet dealt with the issue and with these a password reset could do more harm than good, revealing both old and new passwords to any would-be attacker.

But now the bug is widely known even smaller sites will issue patches soon so most people should probably start thinking about resetting their passwords.

The exploit was not related to weak passwords but now there are calls for a mass reset of existing ones, many are reiterating the need to make sure they are as secure as possible.

There are half a million websites believed to be vulnerable so too many to list but there is a glut of new sites offering users the chance to check whether the online haunts they use regularly are affected.

The bad news, according to a blog from security firm Kaspersky is that “exploiting Heartbleed leaves no traces so there is no definitive way to tell if the server was hacked and what kind of data was stolen”.

Security experts say that they are starting to see evidence that hacker groups are conducting automated scans of the internet in search of web servers using OpenSSL.

And Kaspersky said that it had uncovered evidence that groups believed to be involved in state-sponsored cyber-espionage were running such scans shortly after news of the bug broke.

Search Clinic will soon post a blog on how to set and remember passwords- so please subscribe to the Search Clinic newsfeed.

Dangers of constantly on wifi smartphone apps

March 28, 2014 By: Dr Search Principal Consultant at the Search Clinic Category: Apps, Cyber Security, data security, Hackers, mobile phones, Personal Security, Search Clinic, smart phones, Technology Companies, Uncategorized, WiFi

The dangers of constantly keeping your smartphone’s always on has been revealed.

Dangers of constantly on wifi smartphone appsMany smartphone users leave the wireless option constantly turned on on their smartphone. That means the phones are constantly looking for a network to join – including previously used networks.

Once the user has joined a disguised wifi network, the rogue operator can then steal any information that the user enters while on that network – including email passwords, Facebook account information, and even banking details.

This is also why smartphones and other devices that use wireless technology – such as Oyster cards using RFID (radio frequency identification) or bank cards with chips – can betray their users.

Mr Wilkinson – who began developing the Snoopy software three years ago as a side-project – gave the BBC a preview of the technology ahead of its release.

Pulling out a laptop from his bag, Mr Wilkinson opened the Snoopy programme – and immediately pulled up the smartphone information of hundreds of Black Hat conference attendees.

With just a few keystrokes, he showed that an attendee sitting in the back right corner of the keynote speech probably lived in a specific neighbourhood in Singapore. The software even provided a streetview photo of the smartphone user’s presumed address.
DJI phantom SensePost has used the Snoopy software attached to cheap commercial drones like DJI’s Phantom

Drones- not just flying cameras:

  •     Drones are controlled either autonomously by on-board computers, or by remote control
  •     They are used in situations where manned flight is considered too dangerous or difficult
  •     Also increasingly used for policing and fire-fighting, security work, and for filming

For instance, the Snoopy software has been ground-based until now, operating primarily on computers, smartphones with Linux installed on them, and on open-source small computers like the Raspberry Pi and BeagleBone Black.

But when attached to a drone, it can quickly cover large areas.

“You can also fly out of audio-visual range – so you can’t see or hear it, meaning you can bypass physical security – men with guns, that sort of thing,” he says.

It’s not hard to imagine a scenario in which an authoritarian regime could fly the drone over an anti-government protest and collect the smartphone data of every protester and use the data to figure out the identities of everyone in attendance.

Mr Wilkinson says that this is why he has become fascinated with our “digital terrestrial footprint” – and the way our devices can betray us.

He says he wants to “talk about this to bring awareness” of the security risks posed by such simple technologies to users.

His advice? Turn off the wireless network on your phone until you absolutely need to use it.

Mobile position data present anonymity risk

April 02, 2013 By: Dr Search Principal Consultant at the Search Clinic Category: data security, Mobile Marketing, mobile phones, Personal Security, smart phones, Telecommunications Companies, Uncategorized

Scientists say it is remarkably easy to identify a mobile phone user from just a few pieces of location positioning information.Mobile position data present anonymity riskWhenever a phone is switched on, its connection to the network means its position and movement can be plotted.

This data is given anonymously to third parties, both to drive services for the user and to target advertisements.

But a study Unique in the Crowd: The privacy bounds of human mobility in Scientific Reports warns that human mobility patterns are so predictable it is possible to identify a user from only four data points.

The growing ubiquity of mobile phones and smartphone applications has ushered in an era in which tremendous amounts of user data have become available to the companies that operate and distribute them – sometimes released publicly as “anonymised” or aggregated data sets.

These data are of extraordinary value to advertisers and service providers, but also for example to those who plan shopping centres, allocate emergency services, and a new generation of social scientists.

Yet the spread and development of “location services” has outpaced the development of a clear understanding of how location data impact users’ privacy and anonymity.

For example, sat-nav manufacturers have long been using location data from both mobile phones and sat-navs themselves to improve traffic reporting, by calculating how fast users are moving on a given stretch of road.

The data used in such calculations are “anonymised” – no actual mobile numbers or personal details are associated with the data.

But there are some glaring examples of how nominally anonymous data can be linked back to individuals, the most striking of which occurred with a tranche of data deliberately released by AOL in 2006, outlining 20 million anonymised web searches.

Recent work has increasingly shown that humans’ patterns of movement, however random and unpredictable they seem to be, are actually very limited in scope and can in fact act as a kind of fingerprint for who is doing the moving.

Researchers at the Massachusetts Institute of Technology (MIT) and the Catholic University of Louvain studied 15 months’ worth of anonymised mobile phone records for 1.5 million individuals.

They found from the “mobility traces” – the evident paths of each mobile phone – that only four locations and times were enough to identify a particular user.

“In the 1980s, it was shown that you need 12 points to uniquely identify and characterise a fingerprint,” said the study’s lead author Yves-Alexandre de Montjoye of MIT.

“What we did here is the exact same thing but with mobility traces. The way we move and the behaviour is so unique that four points are enough to identify 95% of people.”

“We think this data is more available than people think. When you think about, for instance wi-fi or any application you start on your phone, we call up the same kind of mobility data.

“When you share information, you look around you and feel like there are lots of people around – in the shopping centre or a tourist place – so you feel this isn’t sensitive information.”

Sam Smith of Privacy International said: “Our mobile phones report location and contextual data to multiple organisations with varying privacy policies.”

“Any benefits we receive from such services are far outweighed by the threat that these trends pose to our privacy, and although we are told that we have a choice about how much information we give over, in reality individuals have no choice whatsoever.” 

Botnet system steals millions of dollars from advertisers

March 26, 2013 By: Dr Search Principal Consultant at the Search Clinic Category: AdWords, Computers, Cyber Security, data security, Ecommerce, Hackers, Pay Per Click, Pay Per Click Advertising, Search Clinic, Search Engine Marketing, Technology Companies, Uncategorized

A network of thousands of computers which stole millions of dollars from advertisers by generating fake advert viewings has been discovered.Botnet system steals millions of dollars from advertisersBritish web analytics firm Spider.io claims the “Chameleon” botnet is made up of 120,000 home PCs and costs advertisers £3.9 million per month.

Spider.io said that Chameleon simulated clicks on adverts on over 200 sites.

The firm said the botnet was responsible for up to nine billion false ad views every month.

Websites that show display ad receive money when an ad is viewed, in what is called cost-per-impression advertising. It works by money being paid when an ad impression is viewed, and advertisers selling a product or a service pay the website owner a fixed amount each time their ad is viewed.

The ads are typically placed by advertising networks that act as middlemen – the network places the ad on the publisher’s site and the advertiser pays the network and the publisher.

Advertisers use clicks and mouse movements over ads as leading indicators of visitor intent – meaning that the users being shown ads are more likely to buy a product or sign up to a new service.

So if a malicious programme generates clicks or mouse traces, then advertisers will be encouraged to buy more ad space.

Spider.io said that about 95% of the hijacked machines were in the US.

“This particular botnet is being used to emulate human users surfing the web, mimicking normal browsing sessions and normal ad engagement,” said the firm’s chief executive Douglas de Jager.

“It is difficult to imagine why one would run this type of botnet across a cluster of 202 sites other than to commit display advertising fraud.

“Unfortunately, we can’t be sure precisely which of the financially motivated parties is behind this. It could perhaps even be a single person within one of the companies, unbeknownst to others at this company.”

He added that the company was able to spot the botnet thanks to a very specific behaviour of the infected computers.

“The bots subject host machines to heavy load, and the bots appear to crash and restart regularly,” he said.

“When a bot crashes the concurrent sessions end abruptly; upon restart the bot requests a new set of cookies. These crashes and idiosyncratic site-traversal patterns are just two of the many bot features that provide for a distinctive bot signature.”

“Advertising networks – not the advertisers themselves – need to work harder at identifying the difference between a genuine user clicking on an ad, and a compromise computer that has been turned into a click-fraud bot.”