Ruben Unteregger has worked for a long time as a software-engineer for the Swiss company ERA IT Solutions. His job there was to code malware that would invade PCs of private users, and allow the wiretapping of VoIP calls — in particular, calls made through Skype. In the German-speaking areas of the country, the Trojans were called ‘Bundestrojaner’ because the Swiss government was involved with their development and use.

Surveillance blimps provide an eye in the sky.

The US Army this week showed off its latest high-tech blimp laden with powerful radar systems capable of detecting incoming threats 340 miles away. The helium-filled blimps or aerostats are designed to hover over war zones or high-security areas and be on guard for incoming missiles or other threats… the $1.4 billion JLENS is a large, unpowered elevated sensor moored to the ground by a long cable… they can stay aloft up to 30 days at a time providing 24-hour per day coverage over an extended area… aerostat with round-the-clock video and sound surveillance capability was parked several thousand feet above Kabul to monitor last week’s elections in Afghanistan… Military scientists in April got the go ahead to build a roughly 1/3-scale model of a stratospheric airship that if completed in-scale will basically house a floating 15-story radar system capable of detecting and tracking everything from small cruise missiles and unmanned aerial vehicles to soldiers and small vehicles under foliage up to 300 kilometers away.

Lots of coverage of a hacking ring that allegedly stole at least 130m accounts from big retail companies.

Albert Gonzalez, 28, of Miami, who once worked with the US secret service, is accused of working with two unidentified Russian conspirators to hack into the databases of retail chains, selling the information around the world… Gonzalez — known online as “soupnazi” — was formerly employed by the US secret service to track down hackers, but was found to have been passing information on investigations to criminals… They used an SQL injection attack to steal the data and used computers in California, Illinois, New Jersey, Latvia, Ukraine, and the Netherlands for storing malware and stolen data and launching attacks… They also allegedly installed backdoors and sniffers to intercept data in real time as it was processed by the victims and tried to hide their actions by accessing the victim networks through proxy computers, modifying their software so as to evade detection by antivirus programs and programming it to delete traces of the malware from victim networks, according to the indictment… Mr. Gonzalez had lived a lavish lifestyle in Miami, once spending $75,000 on a birthday party for himself…

Security breach at Network Solutions, the original global domain name registrar.

Network Solutions is investigating a breach on its servers that may have led to the theft of credit card data of 573,928 people who made purchases on… 4,343 of its nearly 10,000 e-commerce sites… It affects 573,928 cardholders whose name, address, and credit card number were exposed between March 12 and June 8… Credit card transactions were intentionally diverted by an unknown source from certain Network Solutions servers to servers outside… Affected consumers will get 12 months of free credit-monitoring services.

Research (pdf via Schneier) arguing that a six-digit PIN is the optimal web password provided a ‘three-strikes’ rule is in place.

Barnaby Jack, a security researcher at the computer networking giant Juniper, had planned to hack into an automatic teller machine (ATM) live onstage at the Black Hat Security Conference in Las Vegas later this month. But his presentation, designed to demonstrate the insecurity of various ATMs, attracted the attention of the financial industry as well as security professionals, and under pressure from ATM manufacturers, Juniper canceled the presentation last week, citing concerns that the vulnerabilities involved had still not been fixed… The presentation would have focused on exploiting vulnerabilities in devices running the Windows CE operating system, including some ATMs… In November 2008, thieves stole nearly $9 million from more than 130 cash machines in a matter of hours using fake payroll cards…

The US and Russia are at odds in negotiations to limit the militarisation of cyberspace. The Russians want a treaty, similar to those on chemical and biological weapons. The US wants better information sharing among law enforcement and the right for government actors to investigate suspected violations without the knowledge or permission of the host country.

Many countries, including the United States, are developing weapons… like “logic bombs” that can be hidden in computers to halt them at crucial times or damage circuitry; “botnets” that can disable or spy on Web sites and networks; or microwave radiation devices that can burn out computer circuits miles away… The Pentagon is planning to create a military command to prepare for both defense and offensive computer warfare… Russia’s proposed treaty would ban a country from secretly embedding malicious codes or circuitry that could be later activated from afar in the event of war…

China has developed more secure operating software for its tens of millions of computers and is already installing it on government and military systems… The secure operating system, known as Kylin, was disclosed to Congress during recent hearings… U.S. offensive cyberwar capabilities have been focused on getting into Chinese government and military computers outfitted with less secure operating systems like those made by Microsoft Corp.

The Oyster card — used by public-transit systems all over the world — has been thoroughly hacked, now remotely.

At the IEEE Symposium on Security and Privacy… researchers from Radboud University, in the Netherlands, will demonstrate a new, even easier… attack, which requires only a cheap, off-the-shelf card reader and an ordinary computer… can pull sensitive data out of a card in less than a second – even if the attacker has no physical access to the card… The researchers use an off-the-shelf reader to make a series of strategic requests of a card. As the card tries to determine whether it should trust the reader, it inadvertently reveals enough information for the attacker to guess the correct secret key.

Commercial businesses that store data (and governments too) have got to recognise that there are attendant responsibilities.

Hackers… broke into a Virginia state Web site used by pharmacists to track prescription drug abuse. They deleted records on more than 8 million patients and replaced the site’s homepage with a ransom note demanding $10 million for the return of the records, according to a posting on Wikileaks.org, an online clearinghouse for leaked documents.

“I have your shit! In *my* possession, right now, are 8,257,378 patient records and a total of 35,548,087 prescriptions. Also, I made an encrypted backup and deleted the original. Unfortunately for Virginia, their backups seem to have gone missing, too. Uhoh :(For $10 million, I will gladly send along the password.”

The United Kingdom’s MI6 agency acknowledged this week that in 2006 it had to scrap a multi-million-dollar undercover drug operation after an agent left a memory stick filled with top-secret data on a transit coach.

Schneier: the botnet wars are heating up, and botnet designers would rather destroy their networks than have them fall into “enemy” hands…

Roman Hüssy, a 21-year-old Swiss information technology expert, who last month witnessed a collection of more than 100,000 hacked Microsoft Windows systems tearing themselves apart at the command of their cyber criminal overlords.

Somewhat muddled thinking on the national security implications of cyber security. Lots of people think they could help, for a cut of the federal budget.

Good analysis of an April incident in which fibre connections were cut by unknown parties.

Just after midnight on Thursday, April 9, unidentified attackers climbed down four manholes serving the Northern California city of Morgan Hill and cut eight fiber cables in what appears to have been an organized attack on the electronic infrastructure of an American city… The city of Morgan Hill and parts of three counties lost 911 service, cellular mobile telephone communications, land-line telephone, DSL internet and private networks, central station fire and burglar alarms, ATMs, credit card terminals, and monitoring of critical utilities… Cell phones failed. Cellular towers can not, in general, connect phone calls on their own… networks depend on outside services to match host names to network addresses, and thus stop operating the moment they are disconnected from the internet…

The Chinese bot network meme.

A vast electronic spying operation has infiltrated computers and has stolen documents from at least 1,295 computers in 103 countries, including many belonging to embassies, foreign ministries and other government offices… researchers, who have a record of detecting computer espionage, said they believed that in addition to the spying on the Dalai Lama, the system, which they called GhostNet, was focused on the governments of South Asian and Southeast Asian countries… The researchers were able to monitor the commands given to infected computers and to see the names of documents retrieved by the spies, but in most cases the contents of the stolen files have not been determined… Although the Canadian researchers said that most of the computers behind the spying were in China, they cautioned against concluding that China’s government was involved.