Researchers: Old School Criminology May Help Nab Cyber Criminals.

Researchers have developed a method in which they use old school criminology to bring down cyber criminals.

According to a research being conducted at the University of Maryland, cyber criminals are vulnerable to human failings just like their targets as it is a known fact that the biggest threat to network security is humans.

Michel Cukier, professor of reliability engineering and David Maimon, professor of criminology, are working together to study cyber crime on the lines of criminology and come up with recommendations that would help IT managers and security experts fight cyber crime, PC World reports.

The professors are examining cyber attacks from two perspectives, one of the victim and the other of the attacker. They studied attacks made on the university's network between 2007 and 2009 and concluded that successful cyber attacks were a result of motivated offenders, suitable victims and lack of guardians.

"We believe that criminological insights in the study of cybercrime are important, since they may support the development of concrete security policies that consider not only the technical element of cybercrime but also the human component," Maimon said in a statement.

Read More

Pace University launches cyber security institute.

November 30, 2011 – As cyber crime and cyber terrorism multiply, Pace University today launched an institute to help address the nation’s acute shortage of trained cyber security professionals.
 
Through partnerships with academia, industry, and government, the Seidenberg Cyber Security Institute at Pace is expected to be a hub of research and practical applications as well as hands-on training.
 
It will meet increasing demand.
• Jim Gosler, the founding director of the CIA's Clandestine Information Technology Office, has said that only about 1,000 security specialists in the United States have the specialized skills to operate effectively in cyberspace, while the US needs 10,000 to 30,000 such individuals.

• A 2010 report by the Center for Strategic and International Studies in Washington found that US nuclear and energy systems are under “continuous” cyber attack, that the US Defense Department has been “penetrated multiple times by other nation-states,” and that in October, 2008, “Express Scripts, one of the nations’ largest processors of pharmacy prescriptions, reported that extortionists had threatened to disclose personal and medical information on millions of Americans if the company failed to meet payment demands.”

• “As cyber security becomes an increasingly important aspect of national defense, rapid growth will occur among information technology specialists,” according to the latest Career Guide to Industries from the US Department of Labor.
 
Planning and auditing
The new institute is part of Pace’s 28-year-old Seidenberg School of Computer Science and Information Systems, one of the first comprehensive computing schools in the country.
 
“This institute will leverage the strengths of both Pace’s Lubin School of Business and Seidenberg School of Computer Science and Information Systems by focusing on information security management, planning and auditing,” said Constance Knapp, PhD, the interim dean of the Seidenberg School, who serves as one of the new institute’s co-directors.
 
The institute will be “a forum to propagate basic and applied research advances,” added the other co-director, Bel Raggad, PhD, a Seidenberg professor of information technology. Raggad is the author most recently of the 2010 book “Information Security Management: Concepts and Practice” (CRC Press), which Choice, the American Library Association’s review publication for academic libraries, describes as “one of the most comprehensive works to date on the topic.”
 
Rapid ramp-ups
For functional managers and senior executives who need to ramp up their security management knowledge rapidly, in the fall of 2013 the new Institute plans to offer a five-course program leading to a new certificate, Chief Information Security Management Officer (CISMO). Raggad says this credential is focused more on information security management, including security planning and auditing, than the well-known but more-technical CISSP (Certification for Information System Security Professional). Knowledge acquired in getting the CISMO will help in obtaining two other certificates that are earned through self study, the CISM and the CISA (Certified Information Security Manager and Certified Information Systems Auditor).
 
The following fall the Institute plans to offer a MS in Information Security Management, with a concentration in Security Planning and Auditing. The auditing emphasis will help meet institutions’ increasing demand for independent cyber security evaluations and recommendations.
 
Seidenberg cyber security activities follow the most commonly-used specifications for international security education as well as the National Training Standards of the USCommittee on National Security Systems.
 
In addition to preparing information security specialists for businesses and governments, the new Pace institute will
 
• drive research on immediately applicable approaches that integrate technology advances and policy;
• serve as a resource for public and private partnerships; and
• develop additional curricula for industry professionals.
 
Intruders and anthrax
Fully 25 percent of Seidenberg faculty members now are involved in teaching and research in cyber security, and the Institute builds on their expertise. Publications in leading journals have explored topics like employees’ attitudes toward computer security risks, detecting computer intruders, the value of computerized decision support systems in possible anthrax attacks, computer forensics, and keystroke biometrics for authenticating users. One of several cyber-oriented papers co-authored by faculty members at Pace’s Lubin School of Business has analyzed the impact of Sarbanes-Oxley regulations on computerized internal controls over financial reporting.
 
Seidenberg’s involvement with cyber security also includes its designation as a National Center of Academic Excellence in Information Assurance Education, its students’ receipt of several competitive scholarships through the Department of Defense Information Assurance Scholarship Program and the National Science Foundation’s Scholarship for Service Program, and its numerous security-related undergraduate, graduate, and continuing education courses and concentrations.

Read More

Product roundup: ‘Tis the season to tackle cyber crime.

While it may seem incongruous to raise such matters in the season of goodwill, this month’s products and schemes pages are dominated by cyber crime, fraud, litigation and a change at Biba’s oldest scheme as the association dispensed with Sterling’s services and replaced the insurer with Aqua for its high net worth scheme.

Brokers looking for an early Christmas present for their business could be tempted by the CyberProtect service underwritten by Zurich and supplied by Marchant McKechnie Insurance Brokers.

The scheme protects businesses against data loss and offers a range of services including forensic investigations to recover company data in the event of accidental loss or malicious deletion.

Or perhaps this festive period will see brokers unwrapping the latest offering from Dual Corporate Risks which has released a new management liability product for private companies keen to protect themselves against losses arising from internal fraud.

While we were unable to bring you a reindeer-related product we did manage to rustle up an equine delegated authority scheme from Rural Insurance.

Not quite Rudolph, Blitzen, Dasher and Prancer but still an opportune way to end by wishing you all a very merry Christmas and a prosperous, fraud and cyber crime-free New Year.

Read More

National Security Database to help prevent cyber war

Three years after the 26/11 Mumbai terror attacks, the National Security Database, a not-for-profit organisation backed by the Government, has finally been established with a view to counter cyber warfare-like situation. 

 

The NSD will act as a repository of cyber security experts and ethical hackers across the country to counter any mass attacks on cyber networks.

The need for such a body like the NSD was felt after the Mumbai terror strikes in which the terrorists used high-end gadgets like satellite phones and GPS devices and the security establishment did not have a mechanism to counter their moves or put them under technical surveillance.

Besides the availability of the databank of cyber security professionals, the Government will have at its command a team of experts to launch need-based defensive and offensive operations against the cyber attackers.

The National Technical Research Organisation (NTRO) has entered into a Memorandum of Understanding (MoU) with the Mumbai-based NSD that was launched on 26/11 this year for cooperation in the cyber security domian.

The NTRO, meanwhile, has increased the frequency of its participation in cyber security-related conferences with a view to raise the awareness amongst the stakeholders.

Cyber security expert and Director of Torrid Networks, Dhruv Soi told The Pioneer, “It is good that a national database of cyber security experts and ethical hackers is being developed.

This, coupled with organisation of conferences on cyber security, will help in overcoming the challenge of finding talent in the cyber security domain, especially in times of crisis situation.”

Elaborating further, Soi said security and IT professionals present the latest research papers during such conferences and participants can analyse the emerging threats and correspondingly take counter measures.

Read More

IT defences cost UK business £3bn a year

UK firms are expected to have invested an eye-popping £3 billion in IT security this year, according to consultancy firm PwC. Spending is also projected to continue rising at 10 per cent a year for the next three years.

PwC's latest report on the cyber security industry claims the increasing use of mobile devices and acceptance of cloud computing, combined with the growing threats those trends bring, are driving IT chiefs to spend more of their budget on IT security.

“Growing threats and awareness, and changes in technology such as mobile devices and cloud computing, are key drivers of spending growth in the cyber security market,” said Barry Jaber, PwC's security industry leader.

The report follows hot on the heels of a separate study by PwC, released this week, which highlighted the growing threat of cyber crime to UK businesses.

Nearly a quarter of UK businesses polled by PwC said they have been affected by more than 10 incidents of economic crime during the past year.

Cyber crime was the third most common type of crime reported.

Four out of ten firms reported that they lack the capabilities to detect and prevent cyber crime affecting their business.

Read More

966 cyber crime cases reported in 2010

New Delhi: With increasing penetration of technology, cyber crime is on the rise with 966 cases reported in 2010 under the IT Act, 2000, Communications and IT Minister Kapil Sibal Wednesday said.

"With the increase in the increasing proliferation of IT and related services, there is a rise in the number of cyber crimes and cyber security incidents," Sibal said in a written reply to the Lok Sabha.

According to data maintained by National Crime Records Bureau (NCRB), a total of 217, 288, 420 and 966 cyber crime cases were registered under the Information Technology Act, 2000, during 2007, 2008, 2009 and 2010, respectively, he said.

Sibal added that "...399, 176, 276 and 356 cyber crime cases were reported under Sections of Indian Penal Code (IPC) relating to cyber cases during 2007, 2008, 2009 and 2010, respectively".
   
The nature of cyber crime recorded by NCRB included tampering computer documents, hacking, obscene publication/ transmission in electronic media, unauthorised access/attempt to access protected computer system, breach of privacy/ confidentiality and digital signature related crimes.

Sibal said the IT (Amendment) Act, 2008 has been enforced on October 27, 2009 and provides a legal framework to address the issues connected with security breaches of IT infrastructure.

He added that the Indian Computer Emergency Response Team (CERT-In) issues alerts, advisories and guidelines regarding cyber security threats and measures to be taken to prevent cyber incidents and enhance security of IT systems.
   
In response to a separate question, Minister of State for IT and Communications Sachin Pilot said that 219 government websites were defaced by various hacker groups between January to October, 2011.
   
"A total of 90, 119, 252 and 219 government websites as reported and tracked by CERT-In were defaced by various hacker groups in 2008, 2009, 2010 and January-October 2011," Pilot said.

Read More

Phone hacking: 31-year-old woman arrested in Northumberland.

A 31-year-old woman was arrested today by detectives investigating phone hacking at News International.

She is being questioned in custody at a police station in the North East, Scotland Yard said.

Operation Weeting officers said she was held this morning in connection with conspiring to intercept communications.

She is the latest to be arrested on suspicion of phone hacking since the fresh investigation into the illegal interception of voicemails was launched in January.

A series of high-profile figures have been held for questioning, including former News International chief executive Rebekah Brooks and former Downing Street communications chief Andy Coulson.

None of the suspects has been charged and one has been cleared.

The scandal has already led to the closure of the News of the World after 168 years and the resignation of Metropolitan Police Commissioner Sir Paul Stephenson and Assistant Commissioner John Yates.

The latest arrested came just hours after Paul McMullan, the deputy features editor on the Sunday tabloid, said senior executives on the newspaper, including Mr Coulson and Rebekah Brooks, knew that hacking and other illegal activities were widespread.

Mr McMullan, who was giving evidence at The Leveson Inquiry ysterday, described Mr Coulson, who went on to become David Cameron’s director of communications, as “scum” for allowing his reporters to take the blame.

He also accused Mrs Brooks of “cosying up” to David Cameron, describing her as an “arch-criminal”.

In a candid and at times bizarre session, Mr McMullan told the Leveson inquiry into press standards that hacking was an “honourable” activity that aimed to uncover corruption in high places.

He also claimed hacking the phone of Milly Dowler, the murdered teenager, was “not a bad thing” because journalists wanted to help find her and the police were “incompetent”.
He also said that the car chases involved in covering Diana, Princess of Wales were “great fun”.

Asked directly if senior figures at the paper knew that hacking was going on, he replied: “We did all these things for our editors, for Rebekah Brooks and Andy Coulson.”

He alleged that Mr Coulson had been involved in hacking when he was a showbusiness columnist at the News of the World’s sister paper, The Sun.

He said: “It would be pop star A is leaving messages on pop star B’s phone at two in the morning, saying 'I love you shall we meet up for a drink?’ It was that blatant but no one realised anyone was committing a crime at the time.

“My assertion has always been that Andy Coulson brought that practice wholesale with him when he was appointed deputy editor, an appointment I could not believe.”

Mr McMullan went on to attack Mrs Brooks and Mr Coulson, who both edited the News of the World, for failing to back their reporters when the hacking scandal broke. He said they should have said they asked reporters to do these things for the public good.

“They should have been the heroes of journalism, but they aren’t, Rebekah Brooks and Andy Coulson, they are the scum of journalism for trying to drop me and my colleagues in it.”

Describing the relationship between Mrs Brooks and Mr Cameron, Mr McMullan said: “What we have is a future prime minister cosying up and being moulded by the arch-criminal, Rebekah Brooks.”
Addressing the issue of privacy, Mr McMullan said it was those who had something to hide who valued it.

He told the inquiry: “Privacy is the space bad people need to do bad things … Privacy is for paedos, fundamentally no one else needs privacy.”

 

 

Read More

Police using its own network to crack down cyber crime

The Delhi Police have decided to fight fire with fire — by using its own ‘networking’ skills to get the better of cyber criminals on social networking websites.

With everyone from professional hackers to IT professionals on their (unofficial) cyber crime-fighting ‘friends list’, tech-savvy police officers are increasingly combining traditional methods of policing with technical expertise provided by ‘good-willed’ computer experts. 

“More and more young adults, aged between 18 to 25 years, are taking to the internet to settle personal scores by defaming victims through fake profiles and hacking emails. As many as three complaints relating to fake profiles are brought to our notice every day,” said a senior police officer from the Crime Branch.

Till the end of October this year, as many as 180 ‘bona fide’ cases of fake profiles, 111 cases of abusive emails and more than 70 cases of defamation were registered by the Cyber Crime Cell of the Delhi Police.

With the above translating into a 700% increase in cyber crime as compared to last year, the police have reacted by doubling its manpower — and something extra. “We now have one additional DCP, an assistant commissioner of police (ACP), eight inspectors and 10 sub-inspectors, trained in fighting cyber crime from the IP University, and some unofficial sources,” the officer said.

The unofficial sources consist of good Samaritans in the form of discerning cyber law experts, employees of IT companies tipping them off about the latest malicious bug on the net and even some professional hackers.

“When it comes to cyber crime, which evolves as often as technology itself, and is more dynamic than traditional crime, no investigation relating to it can be water-tight. We rely on our own contacts, our own friends working for IT firms and engineers kind enough to keep us in the loop about what’s happening online,” the officer added.

Read More

Pakistani Hacker Named Mr .Creepy is Fake Defacement Exposed

A Pakistani Hacker named Mr .Creepy claimed that he had defaced 50 Indian Website's .
Hackers search about these Domain's on Google and Other Search Engines. But they can't find those domains on Internet most of the domains are fakes . The Indian Hacking Group Said that Pakistani Hackers are Spreading Fake News about Hacking Big Indian Websites .
Pakistani Hackers Just Spreading rumors about hacking Indian Sites. We searched about the real websites some are posted below;

Fake Website>Real Website

www.maduraikamarajuniversityresults.co.in > www.mkuniversity.org

www.magadhuniversityresults.co.in > www.magadhuniversity.org


www.purvanchaluniversityresults.co.in > www.vbspu.ac.in


www.annauniversity.org.in > www.annauniv.ac.in, www.annauniv.edu


www.annamalaiuniversityedu.co.in > annamalaiuniversity.ac.in

www.andhrauniversityresults.co.in > www.andhrauniversity.info

www.amravatiuniversityresults.co.in > www.sgbau.ac.in

www.alagappauniversitydde.in > www.alagappauniversity.ac.in


www.maduraikamarajuniversity.co.in > www.mkudde.org, www.mkuniversity.org


www.nagpuruniversityresults.co.in > www.nagpuruniversity.org

www.northmaharashtrauniversityresults.co.in > www.nmu.ac.in

www.pondicherryuniversity.co.in > www.pondiuni.edu.in, www.ascpu.edu.in

www.mahrashtrauni.co.in > www.tmv.edu.in

www.rajasthanuniversityresults.co.in > result.uniraj.ac.in, results.rajasthaneducation.net

www.shivajiuniversityresults.co.in > www.unishivaji.ac.in

www.punjabiuniversityresults.co.in > www.punjabiuniversity.ac.in

www.mumbaiuniversityresults.co.in > www.mu.ac.in

www.jiwajiuniversityresults.co.in > www.jiwaji.edu

pastebin of hacked websites given below:

http://pastebin.com/5Wq0j40Z

Read More

25000+ Indian Websites Hacked By Pakistani Hacker in the reply of the cyber attack of 26/11/2011 by Indian Hackers Group Indishell

It seems like the attack of an Indian hackers group named ‘Indishell’ is costing a lot for Indian Cyber defense. In the reply of the cyber attack of 26/11 on Pakistani sites by ‘Indishell’ many Pakistani hackers and hackers group hacked about 25000+ websites of India including Government, Universities and Private Institutions websites. By the message given on hacked websites we can say that this defacement happens only because of the attack of that hackers group.

Links of hacked website are provided below:-

Link of hacked govt. websites

http://pulsa.gov.in/
http://iroaf.gov.in/
http://coophp.gov.in/
http://www.sameer.gov.in/
http://mpowerraj.gov.in/

Mirror Links :-
http://www.zone-h.com/mirror/id/15877114
http://www.zone-h.com/mirror/id/15877126
http://www.zone-h.com/mirror/id/15877136
http://www.zone-h.com/mirror/id/15877252
http://www.zone-h.com/mirror/id/15877324

Other Hacked Websites :-

http://www.zone-h.com/archive/notifier=H4x0rL1f3

http://www.zone-h.com/archive/notifier=PakCyberArmy

http://pastebin.com/ND8YYpJV

http://pastebin.com/Ss3dt1Mh

http://pastie.org/2924930

http://pastebin.com/a2HjYRub

Read More