'Red October' cyber-attack found

14 January 2013 Last updated at 08:26 ET By Dave Lee Technology reporter, BBC News

A major cyber-attack that may have been stealing confidential documents since 2007 has been discovered by Russian researchers.

Kaspersky Labs told the BBC the malware targeted government institutions such as embassies, nuclear research centres and oil and gas institutes.

It was designed to steal encrypted files - and was even able to recover files that had been deleted.

One expert described the attack find as "very significant".

"It appears to be trying to suck up all the usual things - word documents, PDFs, all the things you'd expect," said Prof Alan Woodward, from the University of Surrey.

"But a couple of the file extensions it's going after are very specific encrypted files."

In a statement, Kaspersky Labs said: "The primary focus of this campaign targets countries in Eastern Europe, former USSR Republics, and countries in Central Asia, although victims can be found everywhere, including Western Europe and North America.

"The main objective of the attackers was to gather sensitive documents from the compromised organisations, which included geopolitical intelligence, credentials to access classified computer systems, and data from personal mobile devices and network equipment."

'Carefully selected'

In an interview with the BBC, the company's chief malware researcher Vitaly Kamluk said victims had been carefully selected.

"It was discovered in October last year," Mr Kamluk said.

"We initiated our checks and quite quickly understood that is this a massive cyber-attack campaign.

"There were a quite limited set of targets that were affected - they were carefully selected. They seem to be related to some high-profile organisations."

Red October - which is named after a Russian submarine featured in the Tom Clancy novel The Hunt For Red October - bears many similarities with Flame, a cyber-attack discovered last year.

Like Flame, Red October is made up of several distinct modules, each with a set objective or function.

Continue reading the main story

Red October is said to be one of the most significant attacks ever to be discovered. Key facts include:

• It has been operating since 2007
• Attackers created more than 60 domain names to run the attack, based mostly in Germany and Russia
• Specifically targeted "Cryptofiler" files - an encryption technique used by organisations like Nato and the EU
• Most infection connections were found coming from Switzerland, followed by Kazakhstan and Greece
• Intended targets received personalised correspondence based on gathered intelligence on individual people
• Unlike Stuxnet, another major cyber-attack, Red October is not believed to have caused any physical damage to infrastructure, concentrating solely on stealing information

Source: Kaspersky Labs

"There is a special module for recovering deleted files from USB sticks," Mr Kamluk said.

"It monitors when a USB stick is plugged in, and it will try to undelete files. We haven't seen anything like that in a malware before."

Also unique to Red October was its ability to hide on a machine as if deleted, said Prof Woodward.

"If it's discovered, it hides.

"When everyone thinks the coast is clear, you just send an email and 'boof' it's back and active again."

Cracked encryption

Other modules were designed to target files encrypted using a system known as Cryptofiler - an encryption standard that used to be in widespread use by intelligence agencies but is now less common.

Prof Woodward explained that while Cryptofiler is no longer used for extremely sensitive documents, it is still used by the likes of Nato for protecting privacy and other information that could be valuable to hackers.

Red October's targeting of Cryptofiler files could suggest its encryption methods had been "cracked" by the attackers.

Like most malware attacks, there are clues as to its origin - however security experts warn that any calling cards found within the attack's code could in fact be an attempt to throw investigators off the real scent.

Kaspersky's Mr Kamluk said the code was littered with broken, Russian-influenced English.

"We've seen use of the word 'proga' - a slang word common among Russians which means program or application. It's not used in any other language as far as we know."

But Prof Woodward added: "In the sneaky old world of espionage, it could be a false flag exercise. You can't take those things at face value."

Kaspersky's research indicated there were 55,000 connection targets within 250 different IP addresses. In simpler terms, this means that large numbers of computers were infected in single locations - possibly government buildings or facilities.

A 100-page report into the malware is to be published later this week, the company said.

23.43 | 0 komentar | Read More

Baidu launches browser for Africa

14 January 2013 Last updated at 06:13 ET

Chinese search giant Baidu and France Telecom are collaborating on a browser for low-end smartphones sold in Africa.

France Telecom has about 80 million customers across Africa and the web browser will be pre-installed on phones sold by the company's operators there.

It will also be available as a download for phones on other networks and via a text message link.

France Telecom said slow data speeds on African mobile networks made it hard to support full blown web-browsing.

The new browser would ease the burden on networks by using specially written code that reduces the amount of data that has to be passed back and forth when visiting popular sites such as Facebook and Twitter.

Dedicated icons on the main screen of the basic smartphones being sold by France Telecom and its subsidiary Orange would connect users straight to the most popular sites.

"We want to make the mobile internet as ubiquitous as possible as fast as possible," said Xavier Perret, head of partnerships at Orange.

Mr Perret said that while mobile phones were hugely popular in Africa, most people used very basic mobiles or feature phones rather than the more sophisticated smartphones seen in the US and Europe.

But people were starting to upgrade in large numbers to low-end smartphones, such as Nokia's Asha handsets, and were keen to start browsing the web using the devices.

Mr Perret said France Telecom had partnered with Baidu because the search firm had helped mobile networks in in its home market of China cope with a similar switch from basic mobiles to low-end smartphones.

The browser, available in Arabic and English, will be launched in Egypt. A French version is also being developed.

23.43 | 0 komentar | Read More

Aaron Swartz investigation launched

14 January 2013 Last updated at 06:31 ET By Zoe Kleinman Technology reporter, BBC News

The president of the Massachusetts Institute of Technology (MIT) has asked for an internal investigation into its role in Aaron Swartz's prosecution.

Web activist and developer Mr Swartz, who killed himself on Friday, was facing hacking charges in the US.

He was accused of illegally downloading research documents from academic service JSTOR, using MIT networks.

If found guilty, he could have faced up to 35 years in prison following his trial, scheduled to start next month.

He could also have had to pay a fine of more than $1m for downloading material from the subscription-only research archive.

Mr Swartz had intended to plead not guilty to charges of computer fraud and wire fraud.

Mr Swartz's family issued a statement stating the actions of both MIT and the Massachusetts US Attorney's office had contributed to his death.

"Aaron's death is not simply a personal tragedy. It is the product of a criminal justice system rife with intimidation and prosecutorial overreach," they said.

When Mr Swartz was charged, Massachusetts US Attorney Carmen Ortiz had said: "Stealing is stealing whether you use a computer command or a crowbar, and whether you take documents, data or dollars."

On Monday, MIT president L Rafael Reif praised the "brilliant creativity and idealism" of Mr Swartz, 26, who had been an early developer of the Reddit community.

"It pains me to think that MIT played any role in a series of events that have ended in tragedy," he said in a statement to staff.

"Now is a time for everyone involved to reflect on their actions, and that includes all of us at MIT."

He said he had asked his colleague, Prof Hal Abelson, to analyse how MIT had behaved when it had first discovered "unusual activity" on its network in 2010, what decisions it had made and what its options had been at the time.

"I want to express very clearly that I and all of us at MIT are extremely saddened by the death of this promising young man who touched the lives of so many," he said.

Many people have said that the penalties facing Mr Swartz were unfair.

However, in a blog post, Orin Kerr, a professor of law at the George Washington University Law School, wrote the actions of the prosecutors had been "based on a fair reading of the law".

"None of the charges involved aggressive readings of the law or any apparent prosecutorial overreach," he said.

"All of the charges were based on established case law."

Academics have since taken to Twitter to release their research free in tribute to Mr Swartz, using the hashtag "PDFtribute".

23.43 | 0 komentar | Read More

Java still flawed after update

14 January 2013 Last updated at 10:23 ET

Oracle issued an emergency update to its widely-used Java web software on Sunday, but experts say it still contains security flaws.

Last week the US government advised users to disable it because of a bug that leaves computers vulnerable to being hacked.

Security specialists claim the fix has not done enough to make PCs secure.

Oracle says that more than one billion people use Java, and some games like Minecraft are built around it.

The bugs can make a computer open to infection by viruses. Last year net security specialist Kaspersky said that 50% of hacks carried out by seeking out software bugs were done via Java.

"We don't dare to tell users that it's safe to enable Java again," Adam Gowdiak, a researcher with Poland's Security Explorations told Reuters.

In a blog about the "unscheduled" update, Oracle says it has changed Java's default security settings to "high" which it says means users will be notified of any extra applications which start running while they are browsing.

Oracle says the vulnerability applies to the latest version of the software, Java 7. It has declined to comment.

Java is a programming language that enables software to run on many operating systems. It is also installable on web browsers.

23.43 | 0 komentar | Read More

China's Tencent denies censorship

14 January 2013 Last updated at 09:01 ET

Chinese web giant Tencent has denied claims that there is global censoring of its popular chat app WeChat.

It said a technical glitch had led to certain sensitive terms being blocked outside China.

Tech blogs Tech in Asia and The Next Web both reported receiving messages saying their chat entries contained "restricted words".

But one analyst told the BBC it was unlikely that the issue was just a "passing glitch".

The Next Web tried to write the words "Falun Gong", a group banned in China, and Tech in Asia attempted to send "Southern Weekend", the name of a newspaper in the south of the country that is at the moment the subject of a controversy surrounding censorship.

The blogs said their entries were blocked.

The Chinese government is known to closely monitor internet traffic within China, and all web content that crosses the state's borders.

China's Great Firewall prevents a number of Western companies such as YouTube, Google+, Twitter, Dropbox, Facebook and Foursquare from operating inside the country. The authorities also demand self-policing from local websites.

'Growing pains'

Continue reading the main story

Zhuang Chen BBC Chinese

---

Tencent's WeChat is one of China's rare social media apps that has gained popularity overseas. The company boasts nearly 300 million users in 100 countries and regions.

Innovative and user-friendly the app may be, but the product's Achilles heel is the censorship by the Chinese authorities, with sensitive words and phrases blocked.

Chinese internet users, who have to register on the Twitter-like Weibo with their real names, have long fought a cat-and-mouse game with the authorities. They might wonder, given the choices foreign users have, why they would sign up to a service watched by the authorities.

Tencent has to work harder to deal with the concerns of censorship with its international WeChat users. Unfortunately, this is an issue on which they may not have the final say.

When approached by Tech in Asia, Tencent issued a statement, saying: "A small number of WeChat international users were not able to send certain messages due to a technical glitch [last] Thursday.

"Immediate actions have been taken to rectify it. We apologise for any inconvenience it has caused to our users.

"We will continue to improve the product features and technological support to provide better user experience."

But Tom Rafferty of the Economist Intelligence Unit told the BBC the issue was unlikely to be just "a passing glitch", and said that such practices could pose technical and political challenges to Tencent because international users were accustomed to sharing information freely.

"The latest incident... is representative of the 'growing pains' that China's internet and social media companies are likely to experience as they expand globally," he said.

"The servers of such companies are typically based in China, which means the traffic they process will always potentially be vulnerable to monitoring.

"It goes against the grain of domestic censorship regulations, which show no clear signs of being loosened.

"Domestic users, many of whom already baulk at the level of censorship imposed on them, would react unfavourably if Tencent were to offer unfiltered content to overseas users."

According to Tencent, whose services include instant messaging service QQ, microblogging site Tencent Weibo - which is similar to Twitter - and online games, WeChat has close to 300 million users.

That makes it one of the world's biggest messaging apps.

23.43 | 0 komentar | Read More

Patent surge reveals graphene race

15 January 2013 Last updated at 01:04 ET By David Shukman Science editor, BBC News

A surge in research into the novel material graphene reveals an intensifying global contest to lead a potential industrial revolution.

Latest figures show a sharp rise in patents filed to claim rights over different aspects of graphene since 2007, with a further spike last year.

China leads the field as the country with the most patents.

The South Korean electronics giant Samsung stands out as the company with most to its name.

The figures, compiled by a UK-based patent consultancy, CambridgeIP, highlight how Britain, which pioneered research into graphene, may be falling behind its rivals.

Nationality	Number of graphene patent publications
Source: Q Tannock, CambridgeIP, 2013
Chinese entities	2,204
US entities	1,754
South Korean entities	1,160
United Kingdom entities	54

Only identified in 2004, graphene is a single layer of carbon atoms making it the thinnest material ever created and offering huge promise for a host of applications from IT to energy to medicine.

Continue reading the main story

"Start Quote

We need to raise our game... It's the classic problem of Britain inventing something and other countries developing it"

End Quote David Willetts UK Science Minister

Flexible touchscreens, lighting within walls and enhanced batteries are among the likely first applications.

Early work on graphene by two Russian scientists at the University of Manchester, Andrei Geim and Konstantin Novosolev, earned them a shared Nobel Prize in 2010 and then knighthoods.

The material - described as being far stronger than diamond, much more conductive than copper and as flexible as rubber - is now at the heart of a worldwide contest to exploit its properties and develop techniques to commercialise it.

The Chancellor of the Exchequer, George Osborne, announced further funding for graphene research last month, bringing the total of UK government support to more than £60m.

Please turn on JavaScript. Media requires JavaScript to play.

The BBC's David Shukman explains how graphene is the thinnest material ever made

But the tally of patents - an essential first step to turning a profit from a substance still based in the lab - shows how intense the worldwide competition has become.

According to new figures from CambridgeIP, there were 7,351 graphene patents and patent applications across the world by the end of last year - a remarkably high number for a material only recognized for less than a decade.

Of that total, Chinese institutions and corporations have the most with 2,200 - the largest number of any country and clear evidence of Chinese determination to capitalise on graphene's future value.

The US ranks second with 1,754 patents. The UK, which kickstarted the field with the original research back in 2004, has only 54 - of which 16 are held by Manchester University.

UK science minister David Willetts, who has identified graphene as a national research priority, said the figures show that "we need to raise our game".

Continue reading the main story

Graphene

• Graphene is a form of carbon that exists as a sheet, one atom thick
• Atoms are arranged into a two-dimensional honeycomb structure
• Discovery of graphene announced in 2004 by the journal Science
• About 100 times stronger than steel; conducts electricity better than copper
• Touted as possible replacement for silicon in electronics
• About 1% of graphene mixed into plastics could make them conductive

"It's the classic problem of Britain inventing something and other countries developing it."

Most striking of all the figures is that the South Korean electronics giant Samsung leads the corporate field with an immense total 407 patents. America's IBM is second with 134.

The chairman of CambridgeIP, Quentin Tannock, told the BBC: "There's incredible interest around the world - and from 2007 onwards we see a massive spike in filings all over the world particularly in the USA Asia and Europe."

But he warned that despite the British government's support, there was a serious risk that the UK may lose out.

"Britain has got a reputation for being very canny, having very good inventors, so the race isn't over.

"But my concern is that in Britain there isn't an appreciation of just how competitive the race for value in graphene is internationally, and just how focused and well-resourced our competitors are.

"And that leads to a risk that we might underinvest in graphene as an area and that therefore we might look back in 20 years' time with hindsight and say 'that was wonderful, we got a lot of value, but we didn't get as much as we should have done'."

Research institute (Country)	Number of graphene patent publications
Source: Q Tannock, CambridgeIP, 2013
Sungkyunkwan University (South Korea)	134
Zhejiang University (China)	97
Tsinghua University (China)	92
Rice University (US)	56
Massachusetts Institute of Technology (US)	34
Manchester University	16

The head of graphene research at the National University of Singapore confirmed to me that the material is now the subject of an intense contest.

Professor Antonio Castro Neto said: "It's extremely competitive not only from the point of view of science… but also from a business point of view because many many companies are starting to operate and sell graphene and graphene-related things."

He believes that Britain still has "the potential to compete and be as big as what's happening here in Asia".

"But Asia, especially Singapore, started early. They had the vision to start early - but we still have to see what's going to happen. There are lots of things going on and it will take time to find out who is going to win the race," he explained.

Beyond the horizon

However one of the scientists behind the original work on graphene, Professor Geim, told me that many Western companies lack the ability to pursue research.

"Industry is more worried not about what can be done, but what competitors are doing - they're afraid of losing the race.

"There is a huge gap between academia and industry and this gap has broadened during the last few decades after the end of Cold War, so I try as much as I can to reach to the industry.

"This is what has happened in last 30-40 years. We killed famous labs like Bell labs. Companies have slimmed down so they can no longer afford top research institutes. If something is happening in Korea it's because Samsung have an institute - there is nothing like that in this country.

"They can't see beyond a 10-year horizon and graphene is beyond this horizon."

European efforts may get a boost later this month when the European Commission announces the winners of a prize of one billion euros over 10 years for scientific research.

One of the six shortlisted entrants is a consortium of researchers under the banner Graphene Flagship.

And Mr Willetts, pointing to BP's commitment to establish a $100m graphene research facility in Manchester, said Britain could become "a world centre for graphene research" and attract more investment - but he admitted it was a difficult challenge.

Follow David on Twitter.

23.43 | 0 komentar | Read More

Apple suppliers' shares slump

15 January 2013 Last updated at 01:18 ET

Shares of Sharp and other suppliers of iPhone parts to Apple have fallen after reports of a cut in orders for the iPhone 5.

Apple has reduced orders by about 50% for its latest model, according to the Nikkei newspaper in Japan.

Sharp, which makes display panels for the device, slumped as much as 7% in Tokyo trade. Speaker-maker ACC Technologies fell 4.2% in Hong Kong.

Apple shares hit an 11-month low in New York on Monday after the report.

Apple has seen increased competition in the smartphone market in recent months.

South Korea's Samsung Electronics, which offers a wider variety of smartphones, recently overtook Apple as the world's largest smartphone maker by market share.

Some analysts have said that Apple will need to come out with a cheaper smartphone to target customers in emerging markets.

23.43 | 0 komentar | Read More

Gun lobby releases shooting game

15 January 2013 Last updated at 06:27 ET

The US National Rifle Association has launched a target range game for the iPhone and iPad, a month after the Sandy Hook Elementary School tragedy.

The game, which simulates a shooting practice, has been approved for children as young as four.

US Vice-President Joe Biden is expected to make recommendations on gun control to the White House on Tuesday.

President Barack Obama has announced he will lay out his plans for tackling gun violence later this week.

There have been calls for gun law reform after 26 children and teachers died at Sandy Hook Elementary School in Newtown, Connecticut.

NRA: Practice Range, billed as the NRA's "new mobile nerve center," says it "strikes the right balance of gaming and education" and delivers a "one-touch access to the NRA network of news, laws, facts, knowledge, safety tips, educational materials and online resources".

The player can practise shooting at targets, including some in the shape of coffins, and has a choice of nine firearms. Some of the guns can be upgraded for $0.99 (£0.62) each. The game is available in the UK.

The NRA was unable to be reached for comment.

The tragedy reignited debate over gun control in the United States, and Mr Obama asked Mr Biden to head a government task force to look at ways to reduce gun violence.

'Scapegoating'

Last week Mr Biden met with video game makers to discuss gun violence in popular media.

The video game industry has defended the use of gun violence in its games, saying that any attempt to regulate digital media was futile.

In open letter to Mr Biden, the Entertainment Consumers Association's vice-president Jennifer Mercurio wrote: "With the recent tragedy on everyone's minds, some people are looking for a cause and culprit other than the shooter.

"Unfortunately some are blaming media, including video games, for violent behaviour in individuals. We know this isn't the case; banning or regulating media content even more won't solve the issue."

International Game Developers Association chairman Daniel Greenberg also said the government should not be "scapegoating" the video game industry for society's ills.

"The US government did irreparable damage to the comic book industry in the 1950s by using faulty research to falsely blame juvenile delinquency and illiteracy on comic books. The comic book industry never recovered in sales to this day," he added.

"Censoring violent comic books did not reduce juvenile delinquency or increase literacy, it decimated the production of one of the few kinds of literature that at-risk youths read for pleasure. Censoring video games could have similar unintended consequences that we cannot currently foresee."

23.43 | 0 komentar | Read More

China mobile users in botnet warning

15 January 2013 Last updated at 07:23 ET

Security researchers say they have discovered a huge botnet running on the smartphones of more than a million unsuspecting mobile users in China.

The devices had been infected by a Trojan-based attack first discovered in 2011, news agency Xinhua reported.

The botnet can allow the smartphones to be hijacked remotely and potentially used for fraudulent purposes.

The warning comes as mobile internet use in the country has soared, growing by more than 18% in the past year.

There are now more than 420 million mobile users, according to the China Internet Network Information Center (Cinic).

The surge has attracted the attention of Apple chief executive Tim Cook, who met with the chairman of China Mobile last week.

Details of the meeting were scant, but a China Mobile spokesman said it was regarding "matters of co-operation" in the region.

While Apple already has deals with two Chinese mobile operators - China Unicom and China Telecom - it is yet to strike a partnership with China Mobile, the biggest operator in the world in terms of subscriber volume.

Security weaknesses

But this latest Trojan warning inflames worries over unlicensed third-party app stores - and the poor awareness among users over possible threats.

Unlike Apple's closed system for apps, in which the company must approve all products in its store, Google's platform is far more open.

In China specifically, local authorities even went as far as to warn operators to clean up security weaknesses in their mobile app stores.

Security firm Kingsoft Duba said last year that the Android.Troj.mdk Trojan had been found in more than 7,000 apps downloaded from non-Google-owned stores.

Despite warnings at the time, it is believed that the Trojan is still very much active and enabling the growth of the botnet.

Users have been advised to monitor their call and data logs for unusual activity.

23.43 | 0 komentar | Read More

Game makers released from Greek jail

15 January 2013 Last updated at 10:23 ET

Two Czech game developers arrested on suspicion of spying while on holiday in Greece have been released on bail.

Ivan Buchta and Martin Pezlar, who work for games firm Bohemia Interactive, were arrested in September 2012 on the island of Lemnos.

They were accused of flouting locals laws that prohibit people from taking pictures of military bases and installations.

The pair denied the charges and said they were visiting as tourists.

The decision to release them came as a direct result of diplomatic work by both the Greek and Czech governments, said a report on a webpage set up to co-ordinate the campaign to get the men released.

Czech newspapers said the pair would be able to return home on payment of bail of 5,000 euros (£4,160).

The two men got into trouble while on Lemnos for shooting video and taking pictures of a military airbase and were accused of spying by Greek authorities. If found guilty, Mr Buchta and Mr Pezlar faced spending up to 20 years in jail.

The two men are thought to have been arrested because their employer, Bohemia, has got into trouble with Greek authorities for taking pictures and shooting video for use in its games.

Bohemia is famous for producing games, such as Arma 3, which use very detailed and realistic virtual worlds. The disputed images and video shot in Greece were going to be used to help build one of its game worlds.

Despite this, Mr Buchta and Mr Pezlar said they were on Lemnos as tourists when they were arrested. They said they wanted to visit the island after getting to know it on earlier visits as part of the Bohemia data-gathering team.

The release of the two men does not mark the end of the case. They will have to return to Greece later in 2013 when it comes to court. It is not known when that will happen because many Greek court cases are being delayed because judges in the country have been on strike.

23.43 | 0 komentar | Read More