Geographic location of infected computers in the Symantec report.
(Credit:Â Symantec)
Hackers targeted about 50 organizations–including chemical and defense companies–in a global wave of cyber espionage attacks this summer, Symantec said in a report released today.
The goal apparently was to steal intellectual property such as design documents, formulas, and manufacturing processes. “The purpose of the attacks appears to be industrial espionage, collecting intellectual property for competitive advantage,” according to the report. (PDF)
Meanwhile, French nuclear power group Areva was reportedly targeted in a cyber attack in September.
Read More
A retired Garda inspector has described investigations into the alleged interception of cross-border telephone calls between the RUC and GardaĂ by the IRA, leading to the murder of two senior RUC officers.
Retired inspector Chris Kelly was asked to carry out an investigation in 2009 following an article that appeared in the Phoenix magazine, claiming that the IRA had a bug the organisation used to intercept phone calls between Dundalk garda station and the RUC over secure lines.
Read More
Lawyers who are made privy to the identity of police phone bugging and surveillance targets will face up to two years’ jail if they disclose the information, the Victorian government says.
The minister responsible for the establishment of an anti-corruption commission, Andrew McIntosh, has released the legislation setting up public interest monitors (PIMs).
The PIM, and his or her deputies, will attend court and tribunal hearings where police or Office of Police Integrity (OPI) representatives apply for permission to tap someone’s phone or track them using surveillance devices.
They will also appear at warrant applications made by the yet to be established Independent Broadbased Anti-Corruption Commission.
The draft law follows Ombudsman George Brouwer’s finding earlier this month that there was an accountability gap regarding telephone intercepts in Victoria.
He recommended the government develop measures to allow the merit of telecommunication intercepts to be assessed.
Mr McIntosh told the parliament the PIMs would be lawyers who would have to act independently and not be employed by the commonwealth, the state or the Office of Public Prosecutions.
They would attend application hearings in the courts where they would have the right to question warrant applicants and have access to a copy of the application and any affidavit.
If a PIM disclosed the sensitive information to others they would face two years’ jail.
Mr McIntosh said last year alone Victoria Police and the OPI made 424 applications for telecommunications interception warrants and all had been granted.
It was a similar situation with surveillance device warrants.
“Covert investigation and coercive powers, such as surveillance devices (and) telecommunications interceptions … are among the most intrusive powers available to integrity and law enforcement bodies in Victoria,” he said.
“Strong accountability measures should exist for the use of such significant powers.”
The legislation will be debated in the lower house next month.
Used to be if spies wanted to eavesdrop, they planted a bug. These days, it’s much easier. Because we all carry potential bugs in our pockets—smartphones. One team of researchers used an iPhone to track typing on a nearby computer keyboard with up to 80 percent accuracy. They presented the findings at a computer security conference in Chicago. [Philip Marquardt et al., (sp)iPhone: Decoding Vibrations from Nearby Keyboards Using Mobile Phone Accelerometers, 18th ACM Conference on Computer and Communications Security]
The researchers designed a malicious app for the iPhone 4. When you place the phone near a keyboard, it exploits accelerometer and gyroscope data to sense vibrations as the victim types—detecting whether keystrokes come from the left or right side of the keyboard, and how near or far subsequent keys are from each other. Then, using that seismic fingerprint, the app checks a pre-created “vibrational” dictionary for the most likely words—a technique that works reliably on words of three letters or more.
Of course, you’d need to install the app to allow it to spy. But whereas most apps have to ask permission to access location data or the camera, that’s not so for the accelerometer. This kind of attack may offer good reason to limit accelerometer access too—and keep iPhones from becoming “spiPhones.”
—Christopher Intagliata
Daniel Nemukuyu
TWO Africom Holdings bosses and a Harare businessman yesterday appeared in court on espionage charges after they reportedly illegally set up satellite communication equipment and leaked official secrets to foreign countries.
Africom acting chief executive Simba Mangwende and non-executive director Farai Rwodzi, together with Oliver Chiku of Global Satellite Systems, are also being charged with contravening Section 33 (i) of the Postal and Telecommunications Act that makes it an offence for one to illegally possess, control or work for a radio station.
The trio allegedly connived to install communication equipment at a yet-to-be-disclosed location and connecting it to the Africom main network system without the authority or knowledge of Africom management and the Post and Telecommunications Regulatory Authority of Zimbabwe.
It is the State’s case that between July this year and Thursday this week, the three sent confidential security information to Canada, the United States and Afghanistan.
The communication system was linked into the Africom system without the knowledge and authority of the company management, the State alleges.
The three – who were represented by Artherstone and Cook, IEG Musimbe and Wintertons law firms – were provisionally remanded in custody to today for a hearing on preliminary arguments.
Harare area public prosecutor Mr Jonathan Murombedzi appeared for the State, while provincial magistrate Mr Munamato Mutevedzi presided over the matter.
Mr Mutevedzi said he will make an effort to seek authority for the court to sit today, but he did not make a promise.
If the matter is not heard today, it will continue on Monday.
Yesterday, the defence team challenged the authority to prosecute presented by Mr Murombedzi during the initial remand in respect of the espionage charge saying it was not signed by the Attorney-General Mr Johannes Tomana.
According to the Official Secrets Act, the AG should authorise the prosecution of such serious matters.
It was the defence’s argument that the law did not allow the AG to delegate his power of signing the document after it emerged that one of Mr Tomana’s deputies had signed on his behalf.
The defence team argues that the deputy AG, who is said to have signed, did not write his or her name on the document.
Mr Mutevedzi reserved ruling on the prosecuting authority challenge.
The lawyers are yet to make bail applications.
According to the State papers, between July and October 27 this year, the three hatched a plan to send messages to the US, Canada and Afghanistan about confidential data from Government ministries.
It is alleged Chiku, who is connected to a Canadian firm called Juch Tech, invited the company’s representatives to Zimbabwe.
Juch Tech is reportedly hostile to the Zimbabwean Government.
While in Zimbabwe, Chiku allegedly organised a meeting with Rwodzi and discussed the installation of satellite dishes and other equipment capable of transmitting Internet voice over the Internet protocol.
The two allegedly agreed and Rwodzi referred Chiku and Juch Tech representatives to Mangwende.
Mangwende, the State alleges, then instructed Africom engineers to install the equipment brought in by Chiku and the Canadians.
The equipment was tested and it was fully operational.
Thereafter, the Canadians left the country and police investigations established that the three had bought the equipment in their personal capacities.
They allegedly operated the system for three months before their arrest.
Espionage is a serious offence which falls under Section 3c (ii) of the Official Secrets Act.
If convicted, one faces a jail term of up to 25 years.
