DOCSLIB.ORG

Information Assurance Situation in Switzerland and Internationally

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Information Assurance Situation in Switzerland and Internationally Federal IT Steering Unit FITSU Federal Intelligence Service FIS Reporting and Analysis Centre for Information Assurance MELANI www.melani.admin.ch Information Assurance Situation in Switzerland and Internationally Semi-annual report 2011/II (July – December) MELANI – Semi-annual report 2011/II Information Assurance – Situation in Switzerland and Internationally Contents 1 Focus Areas of Issue 2011/II ....................................................................................... 3 2 Introduction .................................................................................................................. 4 3 Current National ICT Infrastructure Situation ............................................................ 5 3.1 Calls by scammers claiming to be employees of Microsoft customer service ... 5 3.2 Increase in hacked e-mail accounts ................................................................. 6 3.3 A holiday card to steal passwords .................................................................... 7 3.4 Phishing attacks: Technical optimisation .......................................................... 9 3.5 Now also in Switzerland: Malware blocking PCs and demanding payment .... 10 3.6 Politicians targeted by hackers ....................................................................... 11 3.7 Mass hacking of webshops ............................................................................ 12 3.8 Bogus websites of real estate companies advertise jobs for financial agents . 12 3.9 Control systems with Internet connections – Special security awareness necessary ....................................................................................................... 13 4 Current International ICT Infrastructure Situation ................................................... 15 4.1 Attack on Dutch certificate authority ............................................................... 15 4.2 SCADA – Malware, attacks and vulnerabilities ............................................... 17 4.3 Anonymous .................................................................................................... 19 4.4 Alleged state actor spied on computer systems worldwide for many years, including the UN in Geneva and the IOC ........................................................ 20 4.5 Various hacking attacks ................................................................................. 21 4.6 Deactivation of DNSChanger botnet .............................................................. 22 4.7 Law enforcement trojans ................................................................................ 22 4.8 WikiLeaks divulges trade in surveillance and forensic software ...................... 24 4.9 Strategies and exercises ................................................................................ 25 5 In-depth Analyses and Trends .................................................................................. 27 5.1 Smart grid and home automation ................................................................... 27 5.2 Anonymous – the advantages and disadvantages of the open structure ........ 28 5.3 "Good" and "bad" surveillance on the Internet ................................................ 29 5.4 Security in the mobile age – How do I protect my smartphone? ..................... 30 5.5 Attacks on certificate service providers and their impact ................................ 32 6 Glossary ..................................................................................................................... 33 2/2 MELANI – Semi-annual report 2011/II Information Assurance – Situation in Switzerland and Internationally 1 Focus Areas of Issue 2011/II • Attacks on certificate service providers and their impact In the course of an attack on DigiNotar, a Dutch certificate authority, more than 530 bogus certificates were issued, including for the domain windowsupdate.com, which is home to the update function for all Microsoft Windows products, and various Google domains. ► Current situation internationally: Chapter 4.1 ► Trends / Outlook: Chapter 5.5 • Cyberactivism "Anonymous" once again caught the media's interest with various operations in cyberspace over the past months. But who exactly is behind "Anonymous"? According to numerous statements, "Anonymous" is not an organisation per se, but rather something more like an attitude to life. Support is not tied to any particular form: Every activist does what he or she believes to be right. This may in fact also lead to actions that do not enjoy broad support in the movement and thus provoke contradictory messages. ► Current situation internationally: Chapter 4.3 ► Trends / Outlook: Chapter 5.2 • "Good" and "bad" surveillance on the Internet The analysis of the German law enforcement trojan (often referred to using the undifferentiated term "federal trojan") by the Chaos Computer Club triggered debates about its use not only in Germany, but also in Switzerland. Additionally, WikiLeaks began to publish numerous documents on 1 December 2011, which are purported to show that private security companies are selling ICT solutions to states with predominantly autocratic governments and lack of respect for human rights. This debate, which is in fact old but has been rekindled, arises from one of the fundamental problems of the Internet, the networked society, and ICT. The emergence of new options all the time to communicate, to exchange data and information, and to make them available everywhere and always, has consequences: The measures to locate and obtain information, and generally the work of the security authorities of a state, are becoming much more complicated. ► Current situation internationally: Chapter 4.7, Chapter 4.8 ► Trends / Outlook: Chapter 5.3 • Phishing, fraud and ransomware on the rise A new phenomenon observed in Switzerland since summer 2011 is calls by scammers who pretend to be employees of Microsoft customer service, in order to gain access to computers. Phishing has also increased heavily in the last 6 months and is targeting primarily e-mail providers and credit card companies. To keep fraudulent websites active for as long as possible, criminals are trying new methods intended to make it more difficult to shut down phishing sites. At the beginning of November, ransomware was disseminated, claiming to be from the Federal Department of Justice and Police. ► Current situation in Switzerland: Chapters 3.1, 3.2, 3.3, 3.4, 3.5 3/3 MELANI – Semi-annual report 2011/II Information Assurance – Situation in Switzerland and Internationally 2 Introduction The fourteenth semi-annual report (July – December 2011) of the Reporting and Analysis Centre for Information Assurance (MELANI) presents the most significant trends involving the threats and risks arising from information and communication technologies (ICT). It provides an overview of the events in Switzerland and abroad, illuminates the most important developments in the field of prevention, and summarises the activities of public and private actors. Explanations of jargon and technical terms (in italics) can be found in a Glossary (Chapter 6) at the end of this report. Comments by MELANI are indicated in a shaded box. Selected topics covered in this semi-annual report are outlined in Chapter 1. Chapters 3 and 4 discuss breakdowns and failures, attacks, crime and terrorism connected with ICT infrastructures. Selected examples are used to illustrate important events of the second half of 2011. Chapter 3 discusses national topics, Chapter 4 international topics. Chapter 5 includes in-depth analyses and trends on current topics. 4/4 MELANI – Semi-annual report 2011/II Information Assurance – Situation in Switzerland and Internationally 3 Current National ICT Infrastructure Situation 3.1 Calls by scammers claiming to be employees of Microsoft customer service Recently there has been an increase worldwide, and also in Switzerland, of calls by scammers claiming to be employees of Microsoft or other ICT support companies. The callers generally speak English and claim to be from the United States, England or Australia. In many cases, the callers refer to error messages that supposedly had been transmitted by the computers of the contacted business or individual. The persons called are, for instance, told to launch the Event Viewer1, which can be used to display all events and activities running on the computer. It should be noted in this regard that even a perfectly functioning system may on occasion generate error messages. Depending on the age and configuration of the computer, the list of error messages in the Event Viewer may even be very long, although the system does not have any fundamental problems. The launch of this programme is generally used by the "support" callers to present a credible backdrop for the victims and to scare them. The scammers' goal is to convince the persons called that they should download a programme, thereby giving the scammer remote access to the computer. Once this access is granted, the caller has the same options to manipulate the computer as if he were sitting directly at the computer (copy/change/delete data, install programmes, set up a "back door" to access the system at a later time, etc.). Sometimes, the callers also offer to set up a support subscription or a guarantee and ask for credit card data or other form of payment for that purpose. The callers apparently look for victims using public directories, such as the Swiss Commercial Register or public telephone books.
Load more

Recommended publications
  • Why We Should Consider the Plurality of Hacker and Maker Cultures 2017
    Repositorium für die Medienwissenschaft Sebastian Kubitschko; Annika Richterich; Karin Wenz „There Simply Is No Unified Hacker Movement.“ Why We Should Consider the Plurality of Hacker and Maker Cultures 2017 https://doi.org/10.25969/mediarep/1115 Veröffentlichungsversion / published version Zeitschriftenartikel / journal article Empfohlene Zitierung / Suggested Citation: Kubitschko, Sebastian; Richterich, Annika; Wenz, Karin: „There Simply Is No Unified Hacker Movement.“ Why We Should Consider the Plurality of Hacker and Maker Cultures. In: Digital Culture & Society, Jg. 3 (2017), Nr. 1, S. 185– 195. DOI: https://doi.org/10.25969/mediarep/1115. Erstmalig hier erschienen / Initial publication here: https://doi.org/10.14361/dcs-2017-0112 Nutzungsbedingungen: Terms of use: Dieser Text wird unter einer Creative Commons - This document is made available under a creative commons - Namensnennung - Nicht kommerziell - Keine Bearbeitungen 4.0 Attribution - Non Commercial - No Derivatives 4.0 License. For Lizenz zur Verfügung gestellt. Nähere Auskünfte zu dieser Lizenz more information see: finden Sie hier: https://creativecommons.org/licenses/by-nc-nd/4.0 https://creativecommons.org/licenses/by-nc-nd/4.0 “There Simply Is No Unified Hacker Movement.” Why We Should Consider the Plurality of Hacker and Maker Cultures Sebastian Kubitschko in Conversation with Annika Richterich and Karin Wenz Sebastian Kubitschko is a postdoctoral researcher at the Centre for Media, Communication and Information Research (ZeMKI) at the University of Bremen in Germany. His main research fields are political communication, social movements and civil society organisations. In order to address the relevance of new forms of techno-political civic engagement, he has conducted qualitative, empirical research on one of the world’s oldest and largest hacker organisations, the Chaos Computer Club (CCC).
    [Show full text]
  • Internet Infrastructure Review Vol.15 -Infrastructure Security
    1. Infrastructure Security The Revised Unauthorized Computer Access Law In this volume we examine the revised Unauthorized Computer Access Law, and discuss the DNS Changer malware as well as the Ghost Domain Name issue relating to DNS. Infrastructure Security 1.1 Introduction This report summarizes incidents to which IIJ responded, based on general information obtained by IIJ itself related to the stable operation of the Internet, information from observations of incidents, information acquired through our services, and information obtained from companies and organizations with which IIJ has cooperative relationships. This volume covers the period of time from January 1 to March 31, 2012. Following on from the previous period, with an increase in the number of smartphone users, there have been an increasing number of problems related to the handling of information on the devices and user information. Hacktivism-based attacks such as those by Anonymous also continued to occur, and the number of attacks on companies and government agencies remained at a high level. In Middle-Eastern countries and Israel there were a series of hacking incidents and information leaks, as well as DDoS attacks on websites including critical infrastructure. Regarding vulnerabilities, an issue was discovered and fixed in multiple cache DNS server implementations including BIND. As seen above, the Internet continues to experience many security-related incidents. 1.2 Incident Summary Here, we discuss the IIJ handling and response to incidents Other 19.7% Vulnerabilities 20.6% that occurred between January 1 and March 31, 2012. Figure 1 shows the distribution of incidents handled during this period*1.
    [Show full text]
  • Darpa Starts Sleuthing out Disloyal Troops
    UNCLASSIFIED (U) FBI Tampa Division CI Strategic Partnership Newsletter JANUARY 2012 (U) Administrative Note: This product reflects the views of the FBI- Tampa Division and has not been vetted by FBI Headquarters. (U) Handling notice: Although UNCLASSIFIED, this information is property of the FBI and may be distributed only to members of organizations receiving this bulletin, or to cleared defense contractors. Precautions should be taken to ensure this information is stored and/or destroyed in a manner that precludes unauthorized access. 10 JAN 2012 (U) The FBI Tampa Division Counterintelligence Strategic Partnership Newsletter provides a summary of previously reported US government press releases, publications, and news articles from wire services and news organizations relating to counterintelligence, cyber and terrorism threats. The information in this bulletin represents the views and opinions of the cited sources for each article, and the analyst comment is intended only to highlight items of interest to organizations in Florida. This bulletin is provided solely to inform our Domain partners of news items of interest, and does not represent FBI information. In the JANUARY 2012 Issue: Article Title Page NATIONAL SECURITY THREAT NEWS FROM GOVERNMENT AGENCIES: American Jihadist Terrorism: Combating a Complex Threat p. 2 Authorities Uncover Increasing Number of United States-Based Terror Plots p. 3 Chinese Counterfeit COTS Create Chaos For The DoD p. 4 DHS Releases Cyber Strategy Framework p. 6 COUNTERINTELLIGENCE/ECONOMIC ESPIONAGE THREAT ITEMS FROM THE PRESS: United States Homes In on China Spying p. 6 Opinion: China‟s Spies Are Catching Up p. 8 Canadian Politician‟s Chinese Crush Likely „Sexpionage,‟ Former Spies Say p.
    [Show full text]
  • Cybersecurity Forum Für Datensicherheit, Datenschutz Und Datenethik 23
    3. JAHRESTAGUNG CYBERSECURITY FORUM FÜR DATENSICHERHEIT, DATENSCHUTZ UND DATENETHIK 23. APRIL 2020, FRANKFURT AM MAIN #cyberffm Premium-Partner: Veranstaltungspartner: 3. JAHRESTAGUNG CYBERSECURITY DEUTSCHLAND — DIGITAL — SICHER — BSI Die Schadsoftware »Emotet« hat uns in den letzten Wochen und Monaten erneut schmerzhaft vor Augen geführt, welche Auswirkungen es haben kann, wenn man die Vorteile der Digitalisierung genießt, ohne die dafür unabdingbar notwendige Infor- mationssicherheit zu gewährleisten. Stadtverwaltungen, Behörden, Krankenhäuser und Universitäten wurden lahmgelegt, Unternehmen mussten zeitweise den Betrieb einstellen. Die Folgen sind für jeden von uns spürbar: Arbeitsplätze sind in Gefahr, Waren und Dienstleistungen können nicht mehr angeboten und verkauft werden, Krankenhäuser müssen die Patientenannahme ablehnen. Stadtverwaltungen sind nicht mehr arbeitsfähig und schließen ihre Bürgerbüros. Bürgerinnen und Bürger konnten keine Ausweise und Führerscheine beantragen, keine Autos anmelden und keine Sperrmüllabfuhr bestellen. Sogar Hochzeiten mussten verschoben werden. Und wie würde die Lage wohl erst aussehen, wenn wir tatsächlich in einer voll digitalisierten Welt lebten? Das BSI beschäftigt sich damit, in welchen Anwendungsfeldern der Digitalisierung Risiken entstehen könnten und wie wir diese Risiken kalkulierbar und beherrschbar machen können. Unsere Stärke ist es, Themen der Informationssicherheit gebündelt fachlich zu analysieren und aus der gemeinsamen Analyse heraus konkrete Angebote für unterschiedliche Zielgruppen
    [Show full text]
  • Munkavállalói Adatok Szivárogtak Az Nvidiatól
    Munkavállalói adatok szivárogtak az Nvidiatól 2015.01.05. 09:58 | Csizmazia Darab István [Rambo] | Szólj hozzá! Címkék: nvidia jelszó incidens security adatszivárgás jelszócsere breach welivesecurity.com A nagy adatlopási ügyek mellett történnek azért rendre "kisebb" horderejű, de azért szintén fontos biztonsági incidensek is, amelyek szintén nem tanulság nélkül valóak. Ezúttal az Nvidia háza táján történt olyan, dolgozói adatokat érintő adatlopás még decemberben, amely miatt a cég jelszóváltoztatásra és óvatosságra figyelmeztette saját munkavállalóit. A Forbes beszámolója szerint a jelszavak azonnali megváltoztatása mellett arra is kiemelten felhívták a figyelmet, hogy fokozott óvatossággal kezeljenek minden kéretlen levélben érkező adathalász próbálkozást. Ilyen esetekben ugyanis a kiszivárgott személyes információk birtokában sokszor testre-szabott, személyes hangvételű banki vagy látszólag munkatársak, barátok nevében érkező, és jelszavainkkal kapcsolatos kéréseket tartalmazó phishing megkeresések is érkezhetnek. A fenti hamis megkeresési trükkök mellett a dolgozóknak érdekes módon általában nehezükre esik elfogadni a valóságos belső fenyegetés veszélyét is, pedig a támadások, adatszivárgások alkalmával számos esetben van valamilyen belső szál is. Emellett emlékezetes lehet, hogy annak idején több mint 20 olyan embert azonosítottak, akik simán megadták az azonosítójukat és a jelszavukat Snowdennek, aki kollégái hozzáférését is felhasználta az adatgyűjtései és kiszivárogtatásai során. Mivel az eset több, mint 500 dolgozót is érinthetett,
    [Show full text]
  • An Analysis of the Nature of Groups Engaged in Cyber Crime
    International Journal of Cyber Criminology Vol 8 Issue 1 January - June 2014 Copyright © 2014 International Journal of Cyber Criminology (IJCC) ISSN: 0974 – 2891 January – June 2014, Vol 8 (1): 1–20. This is an Open Access paper distributed under the terms of the Creative Commons Attribution-Non- Commercial-Share Alike License, which permits unrestricted non-commercial use, distribution, and reproduction in any medium, provided the original work is properly cited. This license does not permit commercial exploitation or the creation of derivative works without specific permission. Organizations and Cyber crime: An Analysis of the Nature of Groups engaged in Cyber Crime Roderic Broadhurst,1 Peter Grabosky,2 Mamoun Alazab3 & Steve Chon4 ANU Cybercrime Observatory, Australian National University, Australia Abstract This paper explores the nature of groups engaged in cyber crime. It briefly outlines the definition and scope of cyber crime, theoretical and empirical challenges in addressing what is known about cyber offenders, and the likely role of organized crime groups. The paper gives examples of known cases that illustrate individual and group behaviour, and motivations of typical offenders, including state actors. Different types of cyber crime and different forms of criminal organization are described drawing on the typology suggested by McGuire (2012). It is apparent that a wide variety of organizational structures are involved in cyber crime. Enterprise or profit-oriented activities, and especially cyber crime committed by state actors, appear to require leadership, structure, and specialisation. By contrast, protest activity tends to be less organized, with weak (if any) chain of command. Keywords: Cybercrime, Organized Crime, Crime Groups; Internet Crime; Cyber Offenders; Online Offenders, State Crime.
    [Show full text]
  • Ethical Hacking
    Ethical Hacking Alana Maurushat University of Ottawa Press ETHICAL HACKING ETHICAL HACKING Alana Maurushat University of Ottawa Press 2019 The University of Ottawa Press (UOP) is proud to be the oldest of the francophone university presses in Canada and the only bilingual university publisher in North America. Since 1936, UOP has been “enriching intellectual and cultural discourse” by producing peer-reviewed and award-winning books in the humanities and social sciences, in French or in English. Library and Archives Canada Cataloguing in Publication Title: Ethical hacking / Alana Maurushat. Names: Maurushat, Alana, author. Description: Includes bibliographical references. Identifiers: Canadiana (print) 20190087447 | Canadiana (ebook) 2019008748X | ISBN 9780776627915 (softcover) | ISBN 9780776627922 (PDF) | ISBN 9780776627939 (EPUB) | ISBN 9780776627946 (Kindle) Subjects: LCSH: Hacking—Moral and ethical aspects—Case studies. | LCGFT: Case studies. Classification: LCC HV6773 .M38 2019 | DDC 364.16/8—dc23 Legal Deposit: First Quarter 2019 Library and Archives Canada © Alana Maurushat, 2019, under Creative Commons License Attribution— NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) https://creativecommons.org/licenses/by-nc-sa/4.0/ Printed and bound in Canada by Gauvin Press Copy editing Robbie McCaw Proofreading Robert Ferguson Typesetting CS Cover design Édiscript enr. and Elizabeth Schwaiger Cover image Fragmented Memory by Phillip David Stearns, n.d., Personal Data, Software, Jacquard Woven Cotton. Image © Phillip David Stearns, reproduced with kind permission from the artist. The University of Ottawa Press gratefully acknowledges the support extended to its publishing list by Canadian Heritage through the Canada Book Fund, by the Canada Council for the Arts, by the Ontario Arts Council, by the Federation for the Humanities and Social Sciences through the Awards to Scholarly Publications Program, and by the University of Ottawa.
    [Show full text]
  • Hacktivism Cyberspace Has Become the New Medium for Political Voices
    White Paper Hacktivism Cyberspace has become the new medium for political voices By François Paget, McAfee Labs™ Table of Contents The Anonymous Movement 4 Origins 4 Defining the movement 6 WikiLeaks meets Anonymous 7 Fifteen Months of Activity 10 Arab Spring 10 HBGary 11 The Sony ordeal 11 Lulz security and denouncements 12 Groups surrounding LulzSec 13 Green rights 14 Other operations 15 AntiSec, doxing, and copwatching 16 Police responses 17 Anonymous in the streets 18 Manipulation and pluralism 20 Operation Megaupload 21 Communications 21 Social networks and websites 21 IRC 22 Anonymity 23 DDoS Tools 24 Cyberdissidents 25 Telecomix 26 Other achievements 27 Patriots and Cyberwarriors 28 Backlash against Anonymous 29 TeaMp0isoN 30 Other achievements 30 Conclusion 32 2 Hacktivism What is hacktivism? It combines politics, the Internet, and other elements. Let’s start with the political. Activism, a political movement emphasising direct action, is the inspiration for hacktivism. Think of Greenpeace activists who go to sea to disrupt whaling campaigns. Think of the many demonstrators who protested against human rights violations in China by trying to put out the Olympic flame during its world tour in 2008. Think of the thousands of activists who responded to the Adbusters call in July 2011 to peacefully occupy a New York City park as part of Occupy Wall Street. Adding the online activity of hacking (with both good and bad connotations) to political activism gives us hacktivism. One source claims this term was first used in an article on the filmmaker Shu Lea Cheang; the article was written by Jason Sack and published in InfoNation in 1995.
    [Show full text]
  • Cisco 2017 Midyear Cybersecurity Report
    Cisco 2017 Midyear Cybersecurity Report 1 Executive Summary Table of Contents Executive Summary ..........................................................03 Vulnerabilities update: Rise in attacks following key disclosures ................................................................ 47 Major Findings ..................................................................05 Don’t let DevOps technologies leave the Introduction ......................................................................07 business exposed ............................................................ 50 Attacker Behavior .............................................................09 Organizations not moving fast enough to patch Exploit kits: Down, but not likely out ................................. 09 known Memcached server vulnerabilities ......................... 54 How defender behavior can shift attackers’ focus ...........11 Malicious hackers head to the cloud to shorten the path to top targets ..................................................... 56 Web attack methods provide evidence of a mature Internet ............................................................. 12 Unmanaged infrastructure and endpoints leave organizations at risk ......................................................... 59 Web block activity around the globe ................................ 13 Security Challenges and Opportunities Spyware really is as bad as it sounds............................... 14 for Defenders ...................................................................61
    [Show full text]
  • (IN)SECURE Magazine Contacts
    It’s February and the perfect time for another issue of (IN)SECURE. This time around we bring you the opinions of some of the most important people in the anti-malware industry, a fresh outlook on social engineering, fraud mitigation, security visualization, insider threat and much more. We’ll be attending InfosecWorld in Orlando, Black Hat in Amsterdam and the RSA Conference in San Francisco. In case you want to show us your products or just grab a drink do get in touch. Expect coverage from these events in the April issue. I’m happy to report that since issue 14 was released we’ve had many new subscribers and that clearly means that we’re headed in the right direction. We’re always on the lookout for new material so if you’d like to present yourself to a large audience drop me an e-mail. Mirko Zorz Chief Editor Visit the magazine website at www.insecuremag.com (IN)SECURE Magazine contacts Feedback and contributions: Mirko Zorz, Chief Editor - [email protected] Marketing: Berislav Kucan, Director of Marketing - [email protected] Distribution (IN)SECURE Magazine can be freely distributed in the form of the original, non modified PDF document. Distribution of modified versions of (IN)SECURE Magazine content is prohibited without the explicit permission from the editor. Copyright HNS Consulting Ltd. 2008. www.insecuremag.com Qualys releases QualysGuard PCI 2.0 Qualys announced the availability of QualysGuard PCI 2.0, the second generation of its On Demand PCI Platform. It dramatically streamlines the PCI compliance process and adds new capabilities for large corporations to facilitate PCI compliance on a global scale.
    [Show full text]
  • Advanced Cyber Security Techniques (PGDCS-08)
    Post-Graduate Diploma in Cyber Security Advanced Cyber Security Techniques (PGDCS-08) Title Advanced Cyber Security Techniques Advisors Mr. R. Thyagarajan, Head, Admn. & Finance and Acting Director, CEMCA Dr. Manas Ranjan Panigrahi, Program Officer (Education), CEMCA Prof. Durgesh Pant, Director-SCS&IT, UOU Editor Mr. Manish Koranga, Senior Consultant, Wipro Technologies, Bangalore Authors Block I> Unit I, Unit II, Unit III & Unit Mr. Ashutosh Bahuguna, Scientist- Indian IV Computer Emergency Response Team (CERT-In), Department of Electronics & IT, Ministry of Communication & IT, Government of India Block II> Unit I, Unit II, Unit III & Unit Mr. Sani Abhilash, Scientist- Indian IV Computer Emergency Response Team Block III> Unit I, Unit II, Unit III & Unit (CERT-In), Department of Electronics & IT, IV Ministry of Communication & IT, Government of India ISBN: 978-93-84813-95-6 Acknowledgement The University acknowledges with thanks the expertise and financial support provided by Commonwealth Educational Media Centre for Asia (CEMCA), New Delhi, for the preparation of this study material. Uttarakhand Open University, 2016 © Uttarakhand Open University, 2016. Advanced Cyber Security Techniques is made available under a Creative Commons Attribution Share-Alike 4.0 Licence (international): http://creativecommons.org/licenses/by-sa/4.0/ It is attributed to the sources marked in the References, Article Sources and Contributors section. Published by: Uttarakhand Open University, Haldwani Expert Panel S. No. Name 1 Dr. Jeetendra Pande, School of Computer Science & IT, Uttarakhand Open University, Haldwani 2 Prof. Ashok Panjwani, Professor, MDI, Gurgoan 3 Group Captain Ashok Katariya, Ministry of Defense, New Delhi 4 Mr. Ashutosh Bahuguna, Scientist-CERT-In, Department of Electronics & Information Technology, Government of India 5 Mr.
    [Show full text]
  • Superseding Indictment
    _.1{:~~")li~~lti:f~{ FilED ~'Y.:{fs;v, ~,;;rin>---- f-:V' . .. mOPEN COURT .. .1 ''· ··\wi IN THE UNITED STATES DISTRICT COURT F ~~ ffHE f 'f.i 2 EASTERN DISTRICT OF VIRGINIA I?_! ~ 'iJII~ J .·· CLEHI\ U.S. DISTRICT COURT Alexandria Division illgi\NDRIA, VIRGIN!~--~~-' UNITED STATES OF AMERICA Criminal No. 1:18-cr-111 (CMH) v. Count 1: 18 U.S.C. § 793(g) Conspiracy To Obtain and Disclose National JULIAN PAUL ASSANGE, Defense Information Defendant. Count 2: 18 U.S.C. § 371 Conspiracy to Commit Computer Intrusions Counts 3, 4: 18: 18 U.S.C §§ 793(b) and2 Obtaining National Defense Infmmation Counts 5-8: 18 U.S.C. §§ 793(c) and 2 Obtaining National Defense Information Counts 9-11: 18 U.S.C. §§ 793(d) and2 Disclosure ofNational Defense Infmmation Counts 12-14: 18 U.S.C. §§ 793(e) and 2 Disclosure ofNational Defense Information Counts 15-17: 18 U.S.C. § 793(e) Disclosure ofNational Defense Information SECOND SUPERSEDING INDICTMENT June 2020 Term- at Alexandria, Virginia . THE GRAND JURY CHARGES THAT: GENERAL ALLEGATIONS A. ASSANGE and WikiLeaks 1. From at least 2007,1 JULIAN PAUL ASSANGE ("ASSANGE"} was the public 1 When the Grand Jury alleges in this Superseding Indictment that an event occurred on a particular date, the Grand Jury means to convey that the event occmTed "on or about" that date. face of"WikiLeaks," a website he founded with others as an "intelligence agency ofthe people." To obtain information to release on the WikiLeaks website, ASSANGE recruited sources and predicated the success of WikiLeaks in pmi upon the recruitment of sources to (i) illegally circumvent legal safeguards on infonnation, including classification restrictions and computer and network access restrictions; (ii) provide that illegally obtained information to WikiLeaks for public dissemination; and (iii) continue the pattern of illegally procuring and providing classified and hacked information to WikiLeaks for distribution to the public.
    [Show full text]