STE WILLIAMS

LOS ANGELES, Dec. 10, 2013 /PRNewswire-USNewswire/ — The L.A. Gay Lesbian Center was recently the victim of a sophisticated cyberattack that, according to data security and technology experts, was designed to collect credit card, Social Security numbers and other financial information, although there is no evidence that anyone’s information was actually accessed or acquired.

The Center is working with law enforcement officials to identify those responsible for this criminal act at the same time it is notifying approximately

59,000 clients and former clients, in English and Spanish, that information related to them may have been compromised between September 17, 2013 and November 8, 2013. The information potentially exposed may have included name, contact information, credit card information, medical or health care information, Social Security number, date of birth, and health insurance account number.

The Center began notifying potentially affected individuals out of an abundance of caution on December 2, 2013. Potentially affected people will be notified within a week and receive a toll-free number to call with any questions.

Additional information will be available on the home page of the Center’s

website: lagaycenter.org.

For all those who are potentially impacted, the Center has engaged Experian, one of the leading providers of credit monitoring, to provide one free year of its ProtectMyID Alert product.

“The Center takes the privacy of our clients very seriously,” said Center CEO Lorri L. Jean. “After learning of this attack, we took immediate steps to further safeguard the information currently on our servers and, though no organization can ever be assured that its data is 100% protected, we are working with data security and technology experts to guard against future attacks.”

Immediately after an employee on the Center’s information technology team became suspicious that sophisticated malware may have evaded the Center’s security measures, the organization retained the services of data security and technology consultants. They determined that this type of attack is designed to acquire Social Security numbers, credit card information and other financial data and confirmed on November 22, 2013 that the security of certain client data may have been compromised. By December 3, 2013 they had confirmed that additional client data may have been compromised.

About the L.A. Gay Lesbian Center

For more than 40 years, the L.A. Gay Lesbian Center has been building the health, advocating for the rights and enriching the lives of LGBT people. We serve more LGBT people than any other organization in the world with services ranging from LGBT specialty care to cultural arts programs; from housing homeless youth to hosting life-enriching programs for seniors. Learn more at lagaycenter.org.

Article source: http://www.darkreading.com/attacks-breaches/la-gay-lesbian-center-information-syste/240164619

Both good and bad bots are frequenting websites, but, overall, the traffic they generate makes up more than half of all site traffic.

A new study by Incapsula based on 1.45 billion bot visits to some 20,000 websites worldwide in a 90-day period found that these code-based visitors account for 61.5 percent of all website traffic, an increase of 21 percent over 2012.

The good news is that most of that growth comes from good bots — search engine crawlers, SEO services crawlers, and other types of legitimate software agents, for instance. And spam bots are down from 2 percent in 2012 to 0.5 percent this year. Much of that is due to Google’s efforts to discourage comment-spamming SEO methods as well as link-spamming.

“We’ve noticed a 75 percent reduction in comment spammers, and that’s really significant,” says Marc Gaffan, co-founder of Incapsula.

The bad news is that 31 percent of bots are malicious. There was an 8 percent increase in unclassified bots with hostile intentions, according to Incapsula. Those are bots posing as legit agents, such as search-engine or browser user agents. The aim of these “impersonators” is to bypass the website’s security, and they are typically built for specific malicious activity, such as automated DDoS agents or Trojan-activated browsers.

“The increase in impersonation is obviously a bad sign … and it’s also a bad symptom of increased malicious activities,” Gaffan says. These automated bots also can be used to scan websites for holes or to impersonate a Google bot, he says.

“Sixteen percent of all websites had some type of good impersonation going on,” he says.

The key to combating unwanted impersonator bots is to benchmark legitimate ones, and to get the proper visibility into their presence and activity, he says. “You want to make sure you don’t block some of the good bots. Blocking Google bots by mistake can be hazardous” to your SEO investment, for example, Gaffan says.

Have a comment on this story? Please click “Add Your Comment” below. If you’d like to contact Dark Reading’s editors directly, send us a message.

Article source: http://www.darkreading.com/vulnerability/imposter-bots-on-the-rise/240164615

LOS ANGELES (December 10, 2013) – Infrascale, a leader in secure software defined infrastructure solutions, today announced the release of EndGuardtrade for endpoint data protection and management. Designed to protect medium and large enterprises from the risks associated with data created, consumed and collaborated on at the endpoint, EndGuard integrates cloud backup and native endpoint data loss prevention capabilities in a centrally managed application to help protect corporate data, increase workforce productivity and simplify IT management.

“With the proliferation of data growth on the endpoint and with the rise of the bring your own device (BYOD) movement, IT knows they can’t backup and manage mobile and laptop endpoints in the same way they’ve traditionally dealt with tethered and on-premise devices,” said Ken Shaw, Chief Executive Officer, Infrascale. “That’s why we are excited to introduce EndGuard. Purpose-built to safeguard data that is created, stored and shared on laptops, tablets and smartphones, EndGuard provides a new level of assurance and simplicity for endpoint data protection.”

Infrascale’s EndGuard delivers centrally managed endpoint data protection and data loss prevention to protect corporate information against risks associated with the increasingly ubiquitous BYOD trend. The platform can be managed in-house by IT staff or delivered as a managed cloud service by Infrascale.

Automated backup and best-in-class data loss prevention capabilities are combined in a single unified dashboard to simplify management for IT, improve business productivity, and reduce security risk.

EndGuard delivers:

Automated, user-transparent backup of laptops, smartphones and tablets including support for Windows, Mac, iOS, Android and Windows Phone.

Data loss prevention with client-side data encryption, remote wipe and monitoring, heterogeneous data restore and device geo-tracking.

Flexible and unlimited cloud support, giving enterprises the choice of where backup data is directed, with options including the Infrascale Cloud, the enterprise’s own private cloud or major 3rd party public clouds.

Central management to allow IT to control endpoint data with fine-grain control, separating content from corporate IP, delegate specific tasks and report on any number of metrics.

MSPs and IT service providers looking to expand their managed cloud backup and service portfolio with endpoint data protection will benefit from EndGuard’s centralized management platform, flexible pricing and the ability to white-label EndGuard as their own endpoint data backup and data protection service.

“Data backup has been a lucrative business for us and now with BYOD on the rise, expanding our services to include endpoint data protection makes smart business sense,” said Infrascale Partner Rob Naragon, President of ITque. “The ability to add EndGuard to our service portfolio will allow us to offer our customers strategic, high value data protection initiatives while streamlining management to afford our businesses incremental revenue and profit growth.”

Infrascale delivers three distinct, enterprise-grade solutions built upon the Infrascale cloud storage platform, providing enterprises or MSPs and VARs end-to-end data protection: SOS Business provides complete server backup and recovery. FileLocker provides secure file-sync and collaboration for enterprises. EndGuard offers centrally managed end-point data backup and management for larger companies.

EndGuard is available for purchase today. Contact Infrascale at 1-877-896-3611 to speak to a representative and get started or request a live demonstration.

About EndGuard

Infrascale’s EndGuardtrade application is a centrally-managed, cloud backup solution that protects corporate data where it lives – on laptops, tablets and smartphones. Unlimited backup, best-in-class data loss prevention, geo-tracking, remote wipe and heterogeneous restore capabilities are combined in a single, unified dashboard to simplify management for IT, improve business productivity and reduce security risk. Learn more today at http://www.infrascale.com/endguard.

About Infrascale

Infrascale connects people, devices and their data in ways that are truly secure. Headquartered in El Segundo, CA., Infrascale’s cloud platform runs from 11 data centers on five continents. Infrascale’s software spans mobile, desktop and cloud and powers the FileLocker and SOS products and over 1,000 independent cloud service companies, VARs and MSPs. Visit www.infrascale.com.

Article source: http://www.darkreading.com/management/endguard-protects-byod-data/240164620

SAN ANTONIO, TX – December 10, 2013 – Samsung Telecommunications America, LLC’s (Samsung Mobile) business customers now have an easy and secure way to access company and personal files when they are not at the office. TappIn, a wholly owned subsidiary of GlobalSCAPE, Inc. (NYSE MKT: GSB), is now available on the Samsung Solutions Exchange, an online marketplace that addresses the needs of business owners by creating holistic mobile solutions on a robust portfolio of enterprise-grade Samsung Mobile devices.

TappIn, which has won numerous awards for its innovative approach to content sharing and remote access, provides employees with anytime, anywhere secure access to files and information. TappIn gives customers the ability to instantly access and securely share files, no matter where they’re stored, whether on office or home computers, office servers, or TappIn’s OnTapp cloud storage. Unlike other solutions, TappIn users don’t waste time uploading and synching files across their mobile devices. Using SSL encryption to safeguard content, TappIn securely allows the sharing of files from any web browser on your desktop and from mobile devices across multiple operating systems.

“Today’s workforce needs instant access to content and information to be productive,” said Chris Hopen, President of TappIn. “In most organizations, though, digital content is stored everywhere, which can make it incredibly difficult for employees to access and privately share the files they need while working remotely. That’s the problem that TappIn solves in a secure, efficient, and cost-effective manner.”

The Samsung Solutions Exchange delivers a range of third-party offerings for a variety of industries that increase productivity and ROI, including but not limited to sales and management applications, mobile device management solutions, cloud services, collaboration tools, and security solutions, all designed to make it easier for enterprises to succeed in the new era of mobile business.

“We launched the Samsung Solutions Exchange to further enhance our ability to help enterprises adopt a mobile first philosophy,” said Timothy Wagner, Vice President and General Manager of Samsung Mobile’s Enterprise Business Unit. “TappIn is yet another example of Samsung Mobile’s commitment to delivering holistic solutions that are optimized on Samsung Mobile’s diverse portfolio of highly-desirable smartphones and tablets.”

TappIn is one of the initial launch members of Samsung Solutions Exchange. TappIn is also available for download through Samsung Apps.

To find out more about the benefits of Samsung Solutions Exchange for businesses and partners, visit www.samsung.com/us/enterprise. Start your free trial of TappIn by visiting TappIn.com.

Samsung, Samsung Solutions Exchange and Samsung Apps are trademarks of Samsung Electronics Co., Ltd. Android and Google Play are trademarks of Google Inc. Other company names, product names and marks mentioned herein are the property of their respective owners and may be trademarks or registered trademarks.

About Globalscape

San Antonio, Texas-based GlobalSCAPE, Inc. (NYSE MKT: GSB) ensures the reliability of mission-critical operations by securing sensitive data and intellectual property. Globalscape’s suite of solutions features EFT, the industry-leading enterprise file transfer solution that delivers military-grade security and a customizable platform for achieving best in class control and visibility of data in motion or at rest, across multiple locations. Founded in 1996, Globalscape is a leading enterprise solution provider of secure information exchange software and services to thousands of customers, including global enterprises, governments and small businesses. For more information, visit www.globalscape.com or follow the blog and Twitter updates.

Article source: http://www.darkreading.com/management/tappin-by-globlascape-now-available-on-t/240164621

LOS GATOS, CA — SplashData today announced three new versions of its SplashID Safe password manager, including a major update of its consumer-focused Personal Edition with enhanced security features and an optional cloud-based sync service, a new SaaS version for small businesses and teams, and an updated server-based enterprise version.

SplashID Safe Personal Edition

SplashData has completely updated its popular consumer suite of SplashID Safe applications that has over 1 million users worldwide. Based on an all-new SplashID 7.0 architecture, SplashID Safe is now the only password manager that lets the user choose how to handle sensitive records — encrypt and save data locally on a phone or tablet, sync and backup over WiFi inside a home or office network, or choose SplashID Cloud Services to keep records securely and automatically updated across multiple phones, tablets, and computers.

In addition to the ability to automatic sync passwords and other records, the optional SplashID Cloud Services also include a new web-based version of SplashID Safe, in-app support, and access to identity protection services with experts available on demand by phone.

“With this new version, we’re delivering on all the features most requested from SplashID Safe users,” said SplashData CEO Morgan Slain. “Our customers wanted freedom of choice about where their data is stored, and they wanted an easy yet secure way to keep multiple phones, tablets, and computers in sync. We’re excited about how SplashID Cloud Services enable us to deliver more new features more quickly to our users.”

SplashID Safe Personal Edition is available for iPhone, iPad, Android, BlackBerry 10, Windows Phone, Windows, Mac OS, and on the web at www.splashid.com/personal. All applications are free to try for 30 days. Users can then choose one of three purchase options: one application for $9.99, multiple SplashID Safe applications with WiFi sync for $29.99, or access to all SplashID Safe applications and SplashID Cloud Services for $1.99 per month or $19.99 per year.

SplashID Safe Teams Edition

A new software-as-a-service product designed for groups seeking a simple and secure way to create, update, and share passwords and other sensitive records, SplashID Safe for Teams enables anyone to set up an account on the web with multiple users who can then access the database from native SplashID Safe client applications on any mobile or desktop platform.

With SplashID Teams Edition, small businesses and office teams can extend the power of SplashID Safe by enabling employees to organize and share passwords, server settings, account numbers, and device ID’s.

“A lot of our enterprise users are small businesses or cross-functional teams that have between 5 and 50 users, and they don’t really need to set up a server in their network,” Slain said. “They wanted a password manager that would be as easy to set up as Salesforce or Dropbox, and SplashID Safe for Teams delivers on that goal. And with the ability for teams to securely share settings and passwords, SplashID Safe will reduce common issues like calls to IT for lost credentials, sticky notes with passwords written on them, and emails of logins that can create security risks.”

SplashID Safe for Teams is available at www.splashid.com/teams. The service is free to try for 30 days for a limited number of users. Subscriptions are $5 per user per month and enable each user to access all SplashID Safe for Teams client applications, including versions for iPhone, iPad, Android, Windows, Mac OS, and web browsers.

SplashID Safe Enterprise Edition

Lastly, SplashData is releasing an updated version of its server-based version for enterprise IT managers. The new version of SplashID Safe Enterprise Edition offers dedicated, scalable solutions and can be hosted inside an enterprise’s network or by SplashData.

“SplashID Safe Enterprise Edition is for our clients who have custom requirements or need the highest levels of security and service,” Slain said. “This is the product designed for our largest SplashID users, including financial institutions, government agencies, and large universities.”

More information about SplashID Safe Enterprise Edition can be found at www.splashid.com/enterprise.

About SplashData, Inc.

SplashData, Inc., founded in 2000 and based in Los Gatos, California, is a leading provider of security and productivity applications. SplashData’s award-winning products include SplashID Safe (www.splashid.com), the best-selling cross-platform password manager with over 1 million individual users and thousands of business and enterprise clients. For more information, visit www.splashdata.com.

Article source: http://www.darkreading.com/management/new-versions-of-splashid-safe-improve-pa/240164622

SAN FRANCISCO, Dec. 10, 2013 – OpenDNS, the world’s leading provider of cloud-delivered security services, today announced findings by its research organization into the most significant cyber attacks of 2013. Red October, Kelihos, Syrian Electronic Army DNS Hijack, Syria Internet shutdown and Cryptolocker topped the list of malicious internet events over the past twelve months. To capture the massive volume and scale of these incidents, OpenDNS created a short 3D video of the DNS activity generated by each of them: http://www.opendns.com/2013

“Visualization is a key component in using Big Data security techniques to detect and protect against complex, sophisticated attacks, which is what we are demonstrating with this video,” said Dan Hubbard, CTO of OpenDNS and head of Umbrella Security Labs. “Organizations and their security practitioners can no longer simply rely on traditional signature and perimeter-based defenses. Security has to move at Internet speed. OpenDNS has pioneered Big Data techniques and analytics to predict and block threats before they can compromise endpoint devices or extract data to command and control servers.”

Top Five Cyber Attacks of 2013

Red October

Advanced cyber-espionage network discovered by Kaspersky Labs was responsible for targeting select enterprises. Malware was used to “phone home” to command and control servers and exfiltrate data.

Kelihos

Complex criminal infrastructure, used to deliver the malware and steal data, continues to adapt and evade reputation systems and sandboxes with double fast fluxing networks and domain generation algorithms.

Syrian Electronic Army DNS Hijack

Visitors to some of the Internet’s most popular websites were redirected to the Syrian Electronic Army’s Web server, which luckily only delivered a political message, not malware.

Syria Internet Shutdown

Internet access into and out of the country was completely cut off by withdrawing the network routes that are used to reach the Syria-based .SY domain name servers.

Cryptolocker

The most sophisticated and widespread ransomware ever seen evaded firewalls, gateways and endpoint protections for weeks using a domain generation algorithm (DGA). Infected machines “phoned home” to acquire keys used to encrypt the victim’s files.

Resources

Umbrella Security Labs: http://labs.umbrella.com/ Umbrella Security Graph: http://labs.umbrella.com/security-graph/

Umbrella Webcast: http://www.youtube.com/watch?v=PaQXfyBcob0feature=youtu.be

About OpenDNS

OpenDNS is the world’s leading provider of Internet security and DNS services, enabling the world to connect to the Internet with confidence on any device, anywhere, anytime. OpenDNS provides millions of businesses, schools and households with a safer, faster and more intelligent Internet experience by protecting them from malicious Web threats and providing them control over how users navigate the Internet, while dramatically increasing the network’s overall performance and reliability. The company’s cloud-delivered Umbrella security service protects enterprise users from malware, botnets and phishing regardless of location or device. At the heart of all OpenDNS services is the OpenDNS Global Network, the world’s largest Internet-wide security network, securing 50 million active users daily through 20 data centers worldwide. For more information, please visit: www.opendns.com.

Article source: http://www.darkreading.com/attacks-breaches/opendns-exposes-years-top-cyberattacks-i/240164627

DALLAS, Dec. 9, 2013 – Trend Micro Incorporated (TYO: 4704; TSE: 4704) today released its annual security predictions report, “Blurring Boundaries: Trend Micro Security Predictions for 2014 and Beyond.” The outlook cites that one major data breach will occur every month next year, and advanced mobile banking and targeted attacks will accelerate. Critical infrastructure threats, as well as emerging security challenges from the Internet of Everything (IoE) and Deep Web, are also highlighted. The report parallels Trend Micro’s long-term projections in the recently released nine-part online video drama entitled, “2020: The Series,” depicting a technology saturated society and the corresponding cyber threats.

“We see the sophistication of threats expanding at a rapid pace, which will impact individuals, businesses and governments alike,” said Raimund Genes, CTO, Trend Micro. “From mobile banking vulnerabilities and targeted attacks, to growing privacy concerns and the potential of a major breach each month, 2014 promises to be a prolific year for cybercrime. We will also see the evolution of the IoE, which serves as a prelude to the surge in technological advancements as the decade closes.”

Prominent predications for 2014 include:

Malicious and high-risk Android apps will reach 3 million

Banking via mobile devices will be compromised by an uptick of Man-in-the-Middle attacks, making two-step verification inadequate

Cybercriminals will increasingly use targeted-attack-type methodologies like open source research and highly customized spear phishing

Targeted attackers will increasingly use advanced threats such as clickjacking and watering hole attacks and target mobile devices

Lack of support for popular software such as Java 6 and Windows XP will expose millions of PCs to attack

Public trust, compromised by revelations of state-sponsored monitoring, will result in a variety of efforts to restore privacy

The Deep Web will continue to vex law enforcement’s ability to address widespread cybercrime

The report also focuses on the rise of the IoE, which promises to be the proverbial game changer in personal technology in the years to come. With augmented reality delivered through wearable technology including watches and eyewear, the possibility of large-scale cybercrime from identity theft by 2020 is a very real possibility as the technology continues to proliferate from 2014 and beyond.

This reality is brought to life in Trend Micro’s “2020: The Series,” which is based on Project 2020, a white paper developed in collaboration with the International Cyber Security Protection Alliance (ICSPA). The unique series presents a future consumed by technology and seeks to inspire stakeholders to take action now against looming cyber vulnerabilities.

View “Blurring Boundaries: Trend Micro Security Predictions for 2104 and Beyond” at:

http://about-threats.trendmicro.com/us/security-predictions/2014/blurring-boundaries/

Watch “2020: The Series” in its entirety to learn what the future holds for technology at: 2020.trendmicro.com.

Supporting assets:

TrendLabs Security Intelligence Blog entry:

http://blog.trendmicro.com/trendlabs-security-intelligence/2014-predictions-blurring-boundaries

Simply Security Blog:

http://blog.trendmicro.com/blurring-boundaries-trend-micro-security-predictions-for-2014-and-beyond

About Trend Micro

Trend Micro Incorporated a global leader in security software, rated number one in server security (IDC, 2013), strives to make the world safe for exchanging digital information. Built on 25 years of experience, our solutions for consumers, businesses and governments provide layered data security to protect information on mobile devices, endpoints, gateways, servers and the cloud. Trend Micro enables the smart protection of information, with innovative security technology that is simple to deploy and manage, and fits an evolving ecosystem. All of our solutions are powered by cloud-based global threat intelligence, the Trend Microtrade Smart Protection Networktrade infrastructure, and are supported by over 1,200 threat experts around the globe. For more information, visit TrendMicro.com.

Article source: http://www.darkreading.com/mobile/trend-micro-predicts-cybersecurity-conce/240164628

(Los Angeles, CA – December 10, 2013) Lieberman Software Corporation announced that its privileged identity management (PIM) product, Enterprise Random Password Managertrade (ERPM), is now available on Windows Azure, Microsoft’s cloud hosting platform. ERPM can deploy in less than an hour in Windows Azure to automatically find, manage and secure the privileged identities located in Azure or on-premises.

“Managing the privileged accounts for large enterprises is a sensitive and mission-critical operation that was previously available only as an on-premises solution,” said Philip Lieberman, President and CEO of Lieberman Software. “We’re extending privileged identity management to Windows Azure, because it is now secure enough to run ERPM and store the cryptographically sensitive ‘keys to the IT kingdom’ that are generated and managed by our product. Microsoft Azure not only delivers a highly trustworthy platform, it does so faster and at a lower price than on-premises solutions.”

“This is significant because PIM is a mission-critical operation in most enterprises,” Lieberman continued. “PIM solutions discover, manage and store powerful superuser account credentials, such as root and administrator, in highly sensitive and distributed environments. Data integrity, fault tolerance and scalability are keys to its mission. Our customer base is worldwide and includes organizations that are part of the critical national infrastructure of the United States. These customers require uncompromising up-time, security, transparency and performance. By providing both on-premises and cloud-based solutions, we can more quickly meet the needs of our clients without compromising quality or security.”

ERPM and Azure: Delivering Privileged Identity Management in the Cloud

ERPM automatically manages the entire privileged identity lifecycle. It operates as a service platform capable of providing automation and programmatic orchestration of privileged credentials and other sensitive data generated on a massive scale in multi-tenant service provider and enterprise environments. Windows Azure is an open and flexible cloud platform that enables users to quickly build, deploy and manage applications across a global network of Microsoft-managed datacenters – making it an ideal environment to deploy ERPM at scale.

“One of the key reasons we selected Windows Azure as our go-to-market public cloud platform was because of its worldwide deployment of data centers,” Lieberman said. “With Windows Azure, we can bring up an enterprise grade privileged identity management solution globally in less than one hour, and have it appear as part of a client’s existing infrastructure within this same time frame. Given how many different platforms ERPM manages, and at a massive scale, the elastic computing of Windows Azure is very appealing.”

By supporting pre-built Azure images and PowerShell scripts, an entire ERPM environment can be rapidly deployed within Azure, and orchestrated with minimal operator intervention. Via the Azure control panel, users can distribute the components of ERPM anywhere in the world where Azure data centers are located.

ERPM leverages Windows Azure’s integration with Microsoft System Center 2012 to migrate between Azure and on premises locations, ensuring that all endpoints are securely managed through the cloud or on site.

The Pricing and Licensing Advantage

Running a privileged identity management solution in a large environment usually involves heavy workloads supported by a significant amount of hardware. Customers who deploy ERPM through Windows Azure can do so without a large capital investment. Many customers incur no additional license costs for instances of Windows Server 2012 or SQL Server in Azure, and have no additional hardware requirements.

Learn More About ERPM and Windows Azure

To evaluate ERPM using Azure as the hosting environment, contact us at [email protected].

About Lieberman Software Corporation

Lieberman Software provides privileged identity management and security management products to more than 1200 customers worldwide, including nearly half of the Fortune 50. By automatically discovering and managing privileged accounts throughout the network, Lieberman Software helps secure access to sensitive data, thereby reducing internal and external security vulnerabilities, improving IT productivity and helping ensure regulatory compliance. The company developed the first solution for the privileged account management space, and its products, including Enterprise Random Password Manager (ERPM), continue to lead the market. ERPM is a cross-platform privileged identity management solution that offers multilingual support for 24 languages. Lieberman Software is headquartered in Los Angeles, CA, with offices and channel partners located around the world. For more information, visit www.liebsoft.com.

Article source: http://www.darkreading.com/intrusion-prevention/lieberman-intros-privileged-identity-man/240164629

Online games are, or at the very least have been in the past, thick with spies, the latest disclosure from whistleblower Edward Snowden shows.

The US and British spying agencies – the National Security Agency (NSA) and GCHQ – have deployed undercover agents working behind avatars in online games such as those on Xbox Live, World of Warcraft, and Second Life, according to the newly released files.

In fact, there have been so many FBI, CIA, and Pentagon spooks kicking around as elves, Orcs and supermodels, a “deconfliction” group is needed to avoid them all colliding into each other, according to the newly released, top-secret documents.

The Guardian obtained the latest files to come out in NSA-gate. Written in 2008, they’re titled “Exploiting Terrorist Use of Games Virtual Environments.”

The Guardian published the documents on Monday in partnership with the New York Times and ProPublica.

In the files, the NSA said that terrorists were already operating with the help of internet-enabled communications such as email, Voice over IP (VoIP), chat, proxies, and web forums, so it was “highly likely” they’d use the same type of communication channels in games and virtual environments (GVEs).

The NSA analyst or analysts who authored the files noted that GVEs at the time were offering private chat, group chat, chat to an alias, and broadcast chat, via both text and voice.

Xbox Live also allowed a bunch of those technologies to converge, allowing gaming over the Xbox 360 console and/or messaging over a PC with normal MSN chat.

Second Life, meanwhile, offered anonymous SMS texting and anonymous phone calling, the NSA noted, while some games allowed third-party interfaces that permitted limited functions within a browser – a good way to get by without high bandwidth, as is the case in internet cafés, for example.

All those places to connect, interact or share would be prime operating ground for terrorist web forums, the NSA pointed out.

What’s more, the games offer realistic training in weapon use, military operations and tactics, photorealistic land navigation and terrain familiarization, and leadership skills: a perfect place to learn how to carry out terrorist violence without risking any operatives.

From the files:

Some of the 9-11 pilots had never flown a real plane, they had only trained using Microsoft’s Flight Simulator. When the mission is expensive, risky, or dangerous, it is often a wiser idea to exercise virtually, rather than really blow an operative up assembling a bomb or exposing a sleeper agent to law enforcement scrutiny.

The intelligence agencies have prepared to track targets training in these online gaming forums for terrorist actions by building mass-collection capabilities against the Xbox Live console network, which has more than 48 million players.

The spying organizations have also deployed agents in the virtual realms, whether they be hidden amongst hordes of Orcs in World of Warcraft or posing as human avatars in Second Life.

They targeted Al Qaida terrorists, Chinese hackers, an Iranian nuclear scientist, Hizballah, and Hamas members, the documents show.

According to the New York Times, by the end of 2008 GCHQ had set up its “first operational deployment into Second Life” and had helped the police in London to crack down on a crime ring that had moved into virtual worlds to sell stolen credit card information.

The operation, code-named Operation Galician, was aided by an informer using a digital avatar “who helpfully volunteered information on the target group’s latest activities”, the newspaper quoted the files as saying.

Online gaming was so thick with spies at the time of the files’ release, agents were all “very interested in forming a deconfliction and tipping group” to avoid bumping into each other, the documents say.

GVEs are, in fact, “an opportunity!” the NSA enthused, presenting the capability of computer network exploitation, social network analysis, tracking of identity via photos and other IDs, geo-location of targets, and sweeping up communications.

From the files:

It has been well documented that terrorist [sic] are OPSEC and tech saavy [sic] and are only getting more so over time. These applications and their servers however, are trusted by their users and makes an [sic] connection to another computer on the Internet, which can then be exploited. Through target buddylists and interaction found in the gaming and on gaming web sites, social networks can be diagramed [sic] and previously unknown SIGINT leads and connections and terrorists cells discovered.

But while online gaming sounds perfect for use by terrorist networks, and while it might very well present a ripe opportunity for intelligence agents to track them or trip them up, actually finding terrorists is, apparently, another matter entirely.

At any rate, beyond the London crime ring, if the NSA or GCHQ have ever stopped a terrorist attack or found terrorists operating in online gaming, the documents don’t describe it.

The New York Times reports that according to one document, while GCHQ was testing its ability to spy on Second Life in real time, its officers collected three days’ worth of Second Life chat, instant message and financial transaction data, totaling 176,677 lines of data, including the content of the communications.

The documents don’t describe, however, the broader scope of communications collected. Neither did the NSA bring up issues about gamers’ privacy in the documents, describe how the agencies access the data, nor make clear how it was avoiding the illegal monitoring of innocent US persons whose identity and nationality may have been hidden behind an avatar.

A spokesman for Blizzard Entertainment, the company behind World of Warcraft, told then Guardian that whatever surveillance that might have taken place would have happened behind the company’s back:

We are unaware of any surveillance taking place. If it was, it would have been done without our knowledge or permission.

Microsoft declined to comment, as did Philip Rosedale, the founder of Second Life and former CEO of Linden Lab, the game’s operator, while company executives didn’t respond to the news outlets’ requests for comment.

As far as whether gaming surveillance is ongoing, the US government, at least, isn’t saying.

There have been discussion threads in gaming forums that show that since the Snowden revelations began, gamers have worried whether they were being monitored.

Now, we know.

Follow @LisaVaas

Follow @NakedSecurity

Image from World of Warcraft wallpaper courtesy of http://dark.pozadia.org/.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/pipqx_7mdE4/

The business case for a multi-tenant, cloud-based Recovery-as-a-Service solution

City of London Police are claiming credit for the suspension of 40 ad-funded websites that provided unauthorised access to copyright-protected content – but may have caused a rise in the number of web ads carrying malware or promoting pornography.

Operation Creative has resulted in the suspension of 40 national and international websites by domain name registrars during a three month pilot. The campaign was led by the new Police Intellectual Property Crime Unit (PIPCU) in collaboration with the creative industry, as represented by FACT (Federation Against Copyright Theft), the BPI (British Phonographic Industry), IFPI (International Federation of the Phonographic Industry) and The Publishers Association.

Also in at the death was the advertising industry, represented by the Internet Advertising Bureau UK, the Incorporated Society of British Advertisers and the Institute of Practitioners in Advertising.

During the pilot, adverts from well-known brands on 61 targeted websites decreased by 12 per cent. But adverts that led users to sites with explicit adult content or exposed them to malware increased by 39 per cent during the same period.

Police put a positive spin on this development, arguing that switching to shadier sources of advertising is unsustainable and that “site owners may struggle to maintain their revenue streams when adverts from established brands are removed”.

Almost half (46 per cent) of total ads served to the sites were for unknown or unidentified brands which invited users to click through, often to fraudulent scams.

The campaign took a carrot and stick approach to clamping down on sites that brought in ad revenue by streaming content they didn’t own, as a statement by the City of London Police explains:

Once illegal activity was confirmed by analysts from the City of London Police, a formal ‘prevention and deterrent’ process began to encourage infringing websites to engage with the police, to correct their behaviour and to begin to operate legitimately.

Details of those failing to respond to this approach were then passed to a group of 60 brands, agencies and advertising technology businesses with a request to stop advertising on these websites.

In the case of persistent infringers, PIPCU sent out formal letters to domain name registrars explaining that they were hosting websites facilitating criminal copyright infringement under UK law as well as potentially breaching their terms and conditions. Registrars were asked to suspend these websites.

Superintendent Bob Wishart, from PIPCU, said: “Operation Creative is being run by PIPCU and the digital and advertising sectors to really get to grips with a criminal industry that is making substantial profits by providing and actively promoting access to illegally obtained and copyrighted material.”

“Together we have created a process that first and foremost encourages offenders to change their behaviour so they are operating within the law. However, if they refuse to comply we now have the means to persuade businesses to move their advertising to different platforms and, if offending continues, for registrars to suspend the websites.

“The success of Creative thus far is evidence of a growing international consensus that people should not be allowed to illegally profiteer from the honest endeavours of legitimate business enterprises,” he added.

Geoff Taylor, chief executive of the BPI, said: “The early results from Operation Creative show that through working with the police and the online advertising industry, we can begin to disrupt the funding that sustains illegal websites. These sites expose consumers to scams and malware, deny creators their living, and harm brands by associating them with illegal and unsafe content.”

“We hope to broaden the initiative to include more brands, advertising networks and other online intermediaries, to support innovation and growth in the legal digital music sector,” he added.

David Ellison, ISBA’s Marketing Services Manager, said: “The vast sums brands invest in their online advertising can easily be eclipsed by the damage that can be done to a brand’s reputation by one misplaced advert.”

“Initiative Operation Creative helps to protect advertisers by ensuring that their ads don’t appear on illegal, IP infringing websites, thereby starving these sites of revenue advertisers unwittingly provide. The pilot scheme proves that this project can make a difference,” he added.

PIPCU is based at the City of London Police. It was established to protect UK industries that produce both physical goods and online and digital content from counterfeiting and piracy. The operationally independent unit is initially being funded by the Intellectual Property Office, which is part of the Department for Business, Innovation and Skills. ®

Email delivery: Hate phishing emails? You’ll love DMARC

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/12/10/streaming_website_clampdown/