Digital gold: why hackers love Bitcoin | Technology | The Guardian

The WannaCry ransomware attackers demanded payment in the cryptocurrency. But its use in the ‘clean’ economy is growing, too, and could revolutionise how we use money

Fuente: Digital gold: why hackers love Bitcoin | Technology | The Guardian


NYU Accidentally Exposed Military Code-breaking Computer Project to Entire Internet

The supercomputer described in the trove, “WindsorGreen,” was a system designed to excel at the sort of complex mathematics that underlies encryption, the technology that keeps data private, and almost certainly intended for use by the Defense Department’s signals intelligence wing, the National Security Agency. WindsorGreen was the successor to another password-cracking machine used by the NSA, “WindsorBlue,” which was also documented in the material leaked from NYU and which had been previously described in the Norwegian press thanks to a document provided by National Security Agency whistleblower Edward Snowden. Both systems were intended for use by the Pentagon and a select few other Western governments, including Canada and Norway.

Fuente: NYU Accidentally Exposed Military Code-breaking Computer Project to Entire Internet


Leaked NSA Malware Is Helping Hijack Computers Around the World

In mid-April, an arsenal of powerful software tools apparently designed by the NSA to infect and control Windows computers was leaked by an entity known only as the “Shadow Brokers.” Not even a whole month later, the hypothetical threat that criminals would use the tools against the general public has become real, and tens of thousands of computers worldwide are now crippled by an unknown party demanding ransom.

Fuente: Leaked NSA Malware Is Helping Hijack Computers Around the World


Microsoft responsabiliza a la Agencia de Seguridad Nacional de EE.UU. de propiciar el ciberataque masivo que afectó al menos a 150 países – El Mostrador

El gigante de la informática criticó el papel de los gobiernos y organizaciones que coleccionan vulnerabilidades informáticas que después pueden ser robadas o vendidas a delincuentes informáticos. La empresa pide que lo sucedido sea una lección para erradicar esta práctica en el mundo.

Fuente: Microsoft responsabiliza a la Agencia de Seguridad Nacional de EE.UU. de propiciar el ciberataque masivo que afectó al menos a 150 países – El Mostrador


WannaCry: por qué los expertos creen que puede haber otro ciberataque muy pronto – El Mostrador

Expertos en informática advierten que un nuevo ataque global con un brote de ransomware es “inminente” y que incluso podría ser lanzado el lunes. BBC Mundo te cuenta los detalles y cómo protegerte de estos virus.

Fuente: WannaCry: por qué los expertos creen que puede haber otro ciberataque muy pronto – El Mostrador


El ciberataque de escala mundial y “dimensión nunca antes vista” que afectó a instituciones y empresas de casi 100 países – El Mostrador

Un ciberataque “de dimensión nunca antes vista” logró este viernes bloquear el acceso a los sistemas informáticos de instituciones estatales y empresas de varios países.La policía europea, Europol, indicó que el ciberataque era de una escala “sin precedentes” y advirtió que una “compleja investigación internacional” era necesaria para “identificar a los culpables”.

Fuente: El ciberataque de escala mundial y “dimensión nunca antes vista” que afectó a instituciones y empresas de casi 100 países – El Mostrador


Gobiernos en guerra contra WhatsApp por su cifrado de extremo a extremo – El Mostrador

Tras el ataque al Parlamento Británico ocurrido la semana pasada, los políticos británicos han exigido que Whatsapp y otras aplicaciones de mensajería instantánea proporcionen acceso a la policía y fuerzas de seguridad para así poder monitorear conversaciones terroristas. Sin embargo, los expertos en tecnología discuten que abrir las “puertas traseras” de los servicios de mensajería popular, las cuales usan cifrado de extremo a extremo, arrojaría una serie de problemas.

Fuente: Gobiernos en guerra contra WhatsApp por su cifrado de extremo a extremo – El Mostrador


Hillary Clinton’s Encryption Proposal Was “Impossible,” Said Top Adviser

Hillary Clinton’s advisers recognized that her policy position on encryption was problematic, with one writing that it was tantamount to insisting that there was “‘some way’ to do the impossible.”Instead, according to campaign emails released by Wikileaks, they suggested that the campaign signal its willingness to use “malware” or “super code breaking by the NSA” to get around encryption.

Fuente: Hillary Clinton’s Encryption Proposal Was “Impossible,” Said Top Adviser


FBI’s Secret Surveillance Tech Budget Is ‘Hundreds of Millions’

The FBI has “hundreds of millions of dollars” to spend on developing technology for use in both national security and domestic law enforcement investigations — but it won’t reveal the exact amount.

Fuente: FBI’s Secret Surveillance Tech Budget Is ‘Hundreds of Millions’


Ron Wyden vows to filibuster anti-cryptography bill / Boing Boing

Senators Richard Burr [R-NC] and Dianne Feinstein [D-CA] finally introduced their long-rumored anti-crypto bill, which will ban US companies from making products with working cryptography, mandating that US-made products have some way to decrypt information without the user’s permission.

Fuente: Ron Wyden vows to filibuster anti-cryptography bill / Boing Boing


Forget Apple's fight with the FBI – our privacy catastrophe has only just begun | Technology | The Guardian

The privacy crisis is a disaster of our own making – and now the tech firms who gathered our data are trying to make money out of privacy

Fuente: Forget Apple’s fight with the FBI – our privacy catastrophe has only just begun | Technology | The Guardian


Apple Macs targeted by KeRanger ransomware for first time | Technology | The Guardian

Apple customers were targeted by hackers over the weekend in the first campaign against Macintosh computers using a pernicious type of software known as ransomware, researchers with Palo Alto Networks have revealed.Ransomware, one of the fastest-growing types of cyber threats, encrypts data on infected machines, then typically asks users to pay ransoms in hard-to-trace digital currencies to get an electronic key so they can retrieve their data.

Fuente: Apple Macs targeted by KeRanger ransomware for first time | Technology | The Guardian


Apple's Tim Cook defends encryption. When will other tech CEOs do so? | Trevor Timm | Opinion | The Guardian

More high-profile titans need to use their platforms to make crystal clear how important encryption is to users everywhere

Fuente: Apple’s Tim Cook defends encryption. When will other tech CEOs do so? | Trevor Timm | Opinion | The Guardian


Apple believes bill creates ‘key under doormat for bad guys’ – FT.com

Shortly after Theresa May introduced the draft Investigatory Powers bill in November to update the UK’s surveillance laws for the internet age, the home secretary met privately with Tim Cook, Apple’s chief executive. He laid out a number of

Fuente: Apple believes bill creates ‘key under doormat for bad guys’ – FT.com


Operation Socialist: How GCHQ Spies Hacked Belgium’s Largest Telco

Operation Socialist: How GCHQ Spies Hacked Belgium’s Largest Telco.

BY RYAN GALLAGHER 

When the incoming emails stopped arriving, it seemed innocuous at first. But it would eventually become clear that this was no routine technical problem. Inside a row of gray office buildings in Brussels, a major hacking attack was in progress. And the perpetrators were British government spies.

It was in the summer of 2012 that the anomalies were initially detected by employees at Belgium’s largest telecommunications provider, Belgacom. But it wasn’t until a year later, in June 2013, that the company’s security experts were able to figure out what was going on. The computer systems of Belgacom had been infected with a highly sophisticated malware, and it was disguising itself as legitimate Microsoft software while quietly stealing data.

Last year, documents from National Security Agency whistleblower Edward Snowden confirmed that British surveillance agency Government Communications Headquarters was behind the attack, codenamed Operation Socialist. And in November, The Intercept revealed that the malware found on Belgacom’s systems was one of the most advanced spy tools ever identified by security researchers, who named it “Regin.”

The full story about GCHQ’s infiltration of Belgacom, however, has never been told. Key details about the attack have remained shrouded in mystery—and the scope of the attack unclear.

Now, in partnership with Dutch and Belgian newspapers NRC Handelsbladand De StandaardThe Intercept has pieced together the first full reconstruction of events that took place before, during, and after the secret GCHQ hacking operation.

Based on new documents from the Snowden archive and interviews with sources familiar with the malware investigation at Belgacom’s networks,The Intercept and its partners have established that the attack on Belgacom was more aggressive and far-reaching than previously thought. It occurred in stages between 2010 and 2011, each time penetrating deeper into Belgacom’s systems, eventually compromising the very core of the company’s networks.


Cryptolocker: what you need to know | Technology | theguardian.com

Cryptolocker: what you need to know | Technology | theguardian.com.

What happens when a computer is infected with the malicious software, and what should you do to protect your files?

 

 

Viruses such as Cryptolocker can be attacked by taking down the servers that control them.
Viruses such as Cryptolocker can be attacked by taking down the servers that control them. Photograph: imagebroker/Alamy

 

Cryptolocker is back in the headlines, thanks to a coordinated effort to take down the computers and criminals that run the notorious “ransomware”. But what is it? And how can you fight it?

Cryptolocker is ransomware: malicious software which holds your files to ransom

The software is typically spread through infected attachments to emails, or as a secondary infection on computers which are already affected by viruses which offer a back door for further attacks.

When a computer is infected, it contacts a central server for the information it needs to activate, and then begins encrypting files on the infected computer with that information. Once all the files are encrypted, it posts a message asking for payment to decrypt the files – and threatens to destroy the information if it doesn’t get paid.

The authorities have won users a two-week window of safety

The National Crime Agency (NCA) announced yesterday that the UK public has got a “unique, two-week opportunity to rid and safeguard” themselves from Cryptolocker. The agency didn’t go into more detail, but it seems likely that at least one of the central servers which Cryptolocker speaks to before encrypting files has been taken down.

The NCA has also taken down the control system for a related piece of software, known as GameOver Zeus, which provides criminals with a backdoor into users’ computers. That back door is one of the ways a computer can be infected with Cryptolocker in the first place.

What that means is, until the window is closed – and the virus cycles to new servers – users who are infected with Cryptolocker won’t lose their files to encryption. As a result, these users have the chance to remove the virus before it destroys data, using conventional anti-virus software. In other words, there has never been a better time to update the protection on your computer.

But watch out – while the servers that control Cryptolocker are out of action, it’s possible to be infected with it and not know. If you don’t keep your computer clean, then at the end of the two-week period, you could be in for a nasty surprise.


NSA reform: lawmakers aim to bar agency from weakening encryption | World news | theguardian.com

NSA reform: lawmakers aim to bar agency from weakening encryption | World news | theguardian.com.

Concerned about weaknesses in USA Freedom Act, Zoe Lofgren and colleagues pushing to prevent NSA from weakening online encryption with new amendment

 

 

California congressman Zoe Lofgren
Lofgren, in debate with her colleagues last week, attempted to move the USA Freedom Act closer to its civil libertarian origins. Photograph: Carolyn Kaster/AP

 

US legislators concerned about weaknesses in a major surveillance reform bill intend to insert an amendment barring the National Security Agency from weakening the encryption that many people rely on to keep their information secure online, or exploiting any internet security vulnerabilities it discovers.

Congresswoman Zoe Lofgren, a California Democrat, told the Guardian that she and a group of colleagues want to prevent the NSA from “utilizing discovered zero-day flaws,” or unfixed software security vulnerabilities, and entrench “the duty of the NSA and the government generally not to create them, nor to prolong the threat to the internet” by failing to warn about those vulnerabilities.

Since the discovery of the Heartbleed bug afflicting web and email servers, the NSA has faced suspicions that it has exploited the vulnerability, which the agency has strenuously denied. Beyond Heartbleed, documents from whistleblower Edward Snowden have revealed that the NSA has weakened online encryption, causing consternation among technology companies as well as privacy advocates.

Lofgren intends to attach the provision to the USA Freedom Act, increasingly the consensus bill to reform surveillance in the wake of the Edward Snowden disclosures. The bill, mostly favored by civil libertarians and expected to go for a vote on the House floor as early as next week, does not include language stopping the NSA from undermining encryption.

In an indication of the difficulty legislators will face in recasting the USA Freedom Act to better protect privacy, Lofgren conceded that attaching the provision will be difficult, as House legislators do not want to upset a tenuous deal on surveillance reform by adding to the bill. She is currently seeking a parliamentarian ruling on the “germaneness” of her online security amendment in order to make it difficult for opponents to exclude it from consideration on the floor.

Lofgren said she and other civil libertarian-minded lawmakers will have limited opportunities to add amendments to the bill, and so are prioritizing measures they believe stand the best chance of winning House support.

Lofgren said she thought those would most likely include a ban on the NSA searching through its foreign-focused communications content troves for Americans’ information without a warrant; clarifying a Patriot Act prohibition on collecting Americans’ phone calls and email content; and permitting more detailed transparency for telecoms and internet companies to disclose the sorts of national-security orders they receive from the government for their customers’ data.


La NSA desmiente haber estado al tanto de la falla de Internet “Heartbleed” – BioBioChile

La NSA desmiente haber estado al tanto de la falla de Internet “Heartbleed” – BioBioChile.


Heartbleed.com

Heartbleed.com

Publicado por Gabriela Ulloa | La Información es de Agencia AFP
La agencia estadounidense encargada de interceptar comunicaciones, la NSA, desmintió el viernes las revelaciones de la agencia Bloomberg según la cual sabía de la falla de seguridad en el programa de conexiones seguras conocida como “Heartbleed”, y la habría utilizado en su beneficio.

Bloomberg, que mencionó “fuentes cercanas al caso”, afirmó que la agencia de inteligencia sabía desde hacía “al menos dos años” que existía esta falla, pero no lo había revelado sino que la había utilizado en su beneficio para obtener datos.

“Heartbleed” afecta ciertas versiones de OpenSSL, un programa libre usado para conexiones seguras en Internet, que se reconoce por ejemplo en las direcciones web que empiezan con https o un pequeño candado durante operaciones bancarias y de identificación en internet. Su existencia fue revelada al inicio de esta semana.

“La NSA no estaba al tanto de la vulnerabilidad identificada recientemente en OpenSSL, llamada falla Heartbleed, hasta que se hizo pública en el informe de una firma privada de seguridad informática. Las informaciones que establecen lo contrario son falsas”, declaró a la AFP una portavoz de la NSA, Vanee Vines.


Una grieta en la seguridad de la Red | Tecnología | EL PAÍS

Una grieta en la seguridad de la Red | Tecnología | EL PAÍS.

 

OpenSSL se crea de manera desinteresada por la comunidad informática. / KACPER PEMPEL (REUTERS / Cordon Press)

 

Un error en uno de los principales programas de conexión segura utilizado en Internet ha tenido potencialmente expuestos a millones de usuarios desde hace dos años. El lunes, Google difundió un punto débil en el sistema de cifrado que utiliza para sus conexiones seguras, llamado OpenSSL, que también ha afectado a gigantes como Yahoo y Amazon. Esta grieta, existente desde 2011 y descubierta en diciembre de 2013 por un técnico de Google, podría haber permitido a hackers robar contraseñas de los usuarios.

 

El problema afecta a las conexiones seguras, las que comienzan con “https” y aparecen en la barra de direcciones cuando el usuario introduce datos delicados, habitualmente contraseñas. El fallo ha sido bautizado en inglés como Heartbleed, o “corazón sangrante”, porque afecta a un tipo de intercambio de información en web, el Heartbeat (latido de corazón).

 

El agujero de seguridad está en el código fuente (los bloques de construcción que componen un programa informático) de las versiones 1.0.1 a 1.0.1f de OpenSSL. Ya existe una nueva versión lista para descargar que subsana el fallo: la 1.0.1g. Los internautas de las páginas que utilizan este código habrían sido potencialmente vulnerables desde 2011. Y si alguien hubiera accedido a información confidencial, no habría dejado rastro. Pero los expertos llaman a la calma porque no hay razones para suponer que la seguridad haya sido violada desde entonces.

 

Open SSL es un sistema de seguridad utilizado por algunas de las principales web que existen, y “entre el 50% y el 70%” de servidores según Igor Unanue, técnico de la empresa de seguridad S21SEC. Ricardo Galli, fundador de Menéame, rebaja los servidores afectados a unos 500.000. Es gratuito y funciona como una herramienta que las web utilizan para cifrar la información que intercambian con los usuarios individuales, para que esta no pueda ser robada por terceros.

 

Open SSL es un programa de código abierto. Es decir, supuestamente cualquier programador puede participar en la escritura de su ADN, aunque eso no quiere decir que lo pueda alterar a voluntad como los artículos de Wikipedia.

 

Lo usan desde Yahoo, Google, Facebook o Amazon, a la plataforma de juegos Steam, pasando por el software de conexión segura Tor. Potencialmente podría haber dejado sin cobertura de seguridad a millones de usuarios que almacenan los datos de sus tarjetas bancarias en páginas de pago, o que utilizan el e-mail o los mensajes instantáneos.


“Heartbleed”: La grave falla que amenaza la seguridad de los usuarios en Internet – BioBioChile

“Heartbleed”: La grave falla que amenaza la seguridad de los usuarios en Internet – BioBioChile.


Heartbleed.com

Heartbleed.com

Publicado por Gabriela Ulloa
Esta semana se dio a conocer un preocupante problema de seguridad web que afecta a dos tercios de Internet: se trata de un error (bug) llamado “Heartbleed”, el cual permite a cualquier cibercriminal con acceso a la red robar datos protegidos en un servidor.

Precisamente corresponde a una falla en OpenSSL, un software de encriptación de código abierto usado por cerca del 66% de los servidores existentes en Internet, y que podría poner en riesgo los datos sensibles de los usuarios como contraseñas, datos de tarjetas de créditos y correos electrónicos, entre otros.

Uno de los aspectos más críticos es que dicha tecnología está detrás de múltiples sitios HTTPS que recogen información personal o financiera, los cuales se identifican con el ícono de un pequeño candado ubicado en la barra de direcciones y que avisa a los cibernautas que sus datos están a salvo de los espías web.

Al respecto, se precisó que actualmente los cibercriminales pueden explotar el bug para acceder a los datos personales de los usuarios y a las contraseñas criptográficas de los sitios, con el fin de crear imitaciones de las páginas para engañar a quienes navegan.


Heartbleed: don't rush to update passwords, security experts warn | Technology | theguardian.com

Heartbleed: don’t rush to update passwords, security experts warn | Technology | theguardian.com.

The severity of the Heartbleed bug means that rushing to change passwords could backfire

 

 

The Heartbleed logo.
The Heartbleed logo. Photograph: Codenomicon

 

Internet security researchers say people should not rush to change their passwords after the discovery of a widespread “catastrophic” software flaw that could expose website user details to hackers.

The flaw, dubbed “Heartbleed”, could reveal anything which is currently being processed by a web server – including usernames, passwords and cryptographic keys being used inside the site. Those at risk include Deutsche Bank, Yahoo and its subsidiary sites Flickr and Tumblr, photo-sharing site Imgur, and the FBI.

About half a million sites worldwide are reckoned to be insecure. “Catastrophic is the right word,” commented Bruce Schneier, an independent security expert. “On the scale of 1 to 10, this is an 11.”

But suggestions by Yahoo and the BBC that people should change their passwords at once – the typical reaction to a security breach – could make the problem worse if the web server hasn’t been updated to fix the flaw, says Mark Schloesser, a security researcher with Rapid7, based in Atlanta, Georgia.

Doing so “could even increase the chance of somebody getting the new password through the vulnerability,” Schloesser said, because logging in to an insecure server to change a password could reveal both the old and new passwords to an attacker.


'Heartbleed': for hundreds of thousands of servers at risk around the world from catastrophic bug | Technology | theguardian.com

‘Heartbleed’: for hundreds of thousands of servers at risk around the world from catastrophic bug | Technology | theguardian.com.

Code error means that websites can leak user details including passwords through ‘heartbeat’ function used to secure connections

 

 

The Heartbleed logo
The Heartbleed logo. Photograph: /Codenomicon

 

Hundreds of thousands of web and email servers worldwide have a software flaw that lets attackers steal the cryptographic keys used to secure online commerce and web connections, experts say.

They could also leak personal information to hackers when people carry out searches or log into email.

The bug, called “Heartbleed”, affects web servers running a package called OpenSSL.

Among the systems confirmed to be affected are Imgur, OKCupid, Eventbrite, and the FBI’s website, all of which run affected versions of OpenSSL. Attacks using the vulnerability are already in the wild: one lets a hacker look at the cookies of the last person to visit an affected server, revealing personal information. Connections to Google are not vulnerable, researchers say.

SSL is the most common technology used to secure websites. Web servers that use it securely send an encryption key to the visitor; that is then used to protect all other information coming to and from the server.

It is crucial in protecting services like online shopping or banking from eavesdropping, as it renders users immune to so-called man in the middle attacks, where a third party intercepts both streams of traffic and uses them to discover confidential information.


Has the NSA’s mass spying made life easier for digital criminals? | Technology | theguardian.com

Has the NSA’s mass spying made life easier for digital criminals? | Technology | theguardian.com.

In flooding the internet with malware, and by increasing wariness of data sharing, the NSA’s actions have had a negative impact on the fight against cybercrime

A man hands out 'RSA sold us out' ribbons near Moscone West for the badges of people attending the RSA conference.
A man hands out ‘RSA sold us out’ protest ribbons near Moscone West to people attending the RSA conference. Photograph: Steve Rhodes/Demotix/Corbis

Thousands of the world’s security professionals, mostly of them middle-aged white males, gathered in San Francisco last week for the annual RSA Conference.

Traditionally, it’s the time of year vendors hawk their gear in halls containing a perturbing whiff of ammonia, research announcements provide relief from the festival of commerce, and government mandarins hobnob with corporate types – all with the implied intent to work together to protect people’s data.

Yet 2014’s event was always going to be a bit different. RSA, the security company hosting the event, had to defend itself against criticism over an alleged $10m deal with the National Security Agency (NSA) to include flawed encryption in its products.

The company’s chief, Art Coviello, outright denied any wrongdoing, saying RSA was only following advice given by the US government’s National Institute of Standards and Technology (NIST).

RSA’s excuses have convinced some onlookers, others remain sceptical. But the organisation that took far more flak this week was the NSA itself, which had its own booth on the trade floor, albeit a considerably plainer one than the surrounding neon-clad stalls of commercial firms.

There was one criticism, amid the understandable ire around the damage done to global privacy, which stood out: that the NSA’s mass spying had perversely made life easier for digital criminals.

Data sharing in danger

Cross-border data-sharing mechanisms – a critical part in both online and non-internet crime investigations – have come under threat since the Edward Snowden leaks. Even though information-sharing deals covering banking and airline passenger data just about survived calls to suspend them, the Snowden files have caused problems for collaboration between public and private bodies.

The heightened tensions lie not between law enforcement agencies, but between police and other organisations that potentially hold valuable information for investigations. “The impact is more [with] third parties giving more consideration to sharing their data with agencies or other departments,” said Charlie McMurdie, formerly the head of the defunct Metropolitan Police Central e-Crime Unit and now senior crime adviser at PricewaterhouseCoopers.

“This can have a negative impact on law enforcement ability to respond to or progress investigations, but on the positive side [this] has also made third parties think more about where their data exists, security and sharing protocols, which isn’t a bad thing.”

A recent European Commission report on trust between the US and the EU following the leaks last year said: “Information sharing is … an essential component of EU-US security cooperation, critically important to the common goal of preventing and combating serious crime and terrorism. However, recent revelations about US intelligence collection programmes have negatively affected the trust on which this cooperation is based. In particular, it has affected trust in the way personal data is processed.”

Discussions are ongoing about an umbrella agreement covering law enforcement data sharing, with much talk of the need to ensure safeguards are in place, with “strict conditions”.

The US government has already seen the impact. In response to a Guardian question on the effect of Snowden’s revelations on data sharing, Phyllis Schneck, the chief cybersecurity official at the US Department of Homeland Security, said the government body’s partners were “feeling it”.