When Internet Security NEWS isn’t!

Across the globe this morning, the news has been released that a “vast electronic spying operation dubbed GhostNet”, has been discovered by researchers at the University of Toronto.

Major newspapers, worldwide, have reported on this story as a sampling of news headlines illustrates.

“U of T team tracks China-based cyber spies” – Toronto Star

“Cyber spies hack into government computers across the globe” – Jakarta Post

“Canadian researchers uncover Chinese spy plot against Dalai Lama” – Irish Sun

“Massive Chinese computer espionage network uncovered” – The Guardian

So, what’s wrong with this news story? Well, how about this – This is NOT news!

Simply because this story is not news of course, doesn’t mean that it can’t be MADE news. Just add the following quote from Ronald Deibert, a member of the research group and an associate professor of political science who said: “This could well be the CIA or the Russians. It’s a murky realm that we’re lifting the lid on.”

Newspapers

Huh? You, are lifting the lid on this. Let me quote ABC’s John Stossel here “Give me a break”. Where have you been Mr. Deibert? This “news” report is only marginally informative, contains no new Internet security information of any value, and is on the face of it – misleading.

To quote the article “The malware is remarkable both for its sweep – in computer jargon, it has not been merely “phishing” for random consumers’ information, but “whaling” for particular important targets – and for its Big Brother-style capacities. It can, for example, turn on the camera and audio-recording functions of an infected computer enabling monitors to see and hear what goes on in a room”.

Here’s a clue for these researchers – every day, typically average Internet users’ are exposed to vastly more sophisticated malware and penetration attempts, just by surfing the Web. A level of malware sophistication that makes the scenario described in the article, look like amateur day at the Burlesque.

Some examples used in the article to drive home the point that this occurrence is somehow a particularly dangerous and new threat:

Whaling for particular important targets?

This is the standard and typical behavior of a “banker” Trojan, which sit in the background of an infected machine until such time as the victim signs on to a banking site. The Trojan then intercepts the privileged data and transmits that data to cybercrooks.

Activating a video camera and audio pickup?

This is a no brainer for malware writers. In fact mobile spyware has the potential to turn on your phone’s camera or voice recorder, turning your own phone into a spying device. Now that’s a story worth writing about; one that has direct impact on vast numbers of individuals.

Here’s the sad reality – savvy computer users are better equipped to harden their computers against penetration than most government agencies/departments. If you think not, then checkout the ample evidence on the Internet that supports this view.

As ABC Television’s 20/20 likes to say “We’re in touch – so you be in touch”. Good advice for most news organizations when it comes to reporting on technology issues. Thus far, most newspapers are essentially illiterate when reporting on even the most minor computer security issues.

About these ads

7 Comments

Filed under Interconnectivity, Internet Safety, Malware Advisories, Personal Perspective, Spyware - Adware Protection, trojans, Viruses, worms

7 responses to “When Internet Security NEWS isn’t!

  1. Boy you nailed it with your second to last paragraph. I work for a Government agency and I can tell you our machines rarely get updated and there’s no policy about USB keys being used or anything I consider security awareness going on. Just because we’re behind a firewall it doesn’t stop anyone from bringing a threat in from the inside. Frequently the worst offenders are supervisors who operate as a power user when they should be only allowed limited user right because of their lack of computer skills.

    • Bill Mullins

      Hey Mark,

      Sad, sad, sad.

      What can we do about this? Surely this cannot be allowed to continue.

      Supervisors = Power users? Old, dumb traditions (power mongering), die
      slowly.

      Thanks for this Mark – I trust you’re keeping well.

      Bill

  2. Modern Journalism is a joke (back in the day, that was one of my Majors), and it’s little wonder that people have turned (in droves) to blogs and other forms of “alternative media” for their news and information.
    Our big city paper (the San Fransisco Chronicle) is saying it is going to stop publishing. Bankrupt. (serves ‘em right, IMHO)

    However, most people are completely ignorant to the fact that — as your readers know — the Internet is a dangerous place, and this story is indeed “news” to them.

    {Google “cyberwarfare”, folks}

    Great article, Mr. Mullins. It needed to be said.

    • Bill Mullins

      Hey Paul,

      My first job was as a morning newspaper carrier – you know the routine; up
      at 5 AM, meet the train at the station and then pickup your papers (The Wall
      Street Journal), and deliver them. A scene repeated a bazillion time across
      the Globe, back in the day – even then, business people loved to be
      misinformed!

      Those days are gone, and as you so rightfully point out; with some
      justification.

      Back in the day (damn I hate that phrase), a newspaper running a story such
      as the one I refer to, would have backed up every assertion in the story 20
      ways from Sunday. That costs money of course, and newspapers of today will
      not/cannot spend the bucks. So, we get a piece of crap, pretening to be
      information of value.

      It’s sad to think that your statement “most people are completely ignorant
      to the fact that — as your readers know — the Internet is a dangerous
      place, and this story is indeed “news” to them”, should be true. But, it is.

      What I want to know is – how in hell did we get to this?

      Bill

  3. Part of it has to do with the conglomeration of the media.

    Oversimplifying things a bit, for purposes of example, when a television station is wholly owned by .. oh, let’s say, Kellog’s Corn Flakes, that television station will have two things on its agenda — make a profit, and sell Corn Flakes. Note how “detailed and accurate information” is not listed.

    In the United States, we passed Laws to ensure that all the media outlets could not be owned by one entity/person (anti-monopoly) — as what typical happens when Gov’t gets involved — the exact opposite happened.

    Ted Turner wrote a nice piece about this, here, http://www.wanttoknow.info/050506mediaconglomerationfcc
    and a very informative “visual” representation can be seen here, http://www.mediachannel.org/ownership/chart.shtml

    “Back in the day” the News Departments were considered separate, and part of the “public service” do-good area required by law — profit and ratings weren’t even considered. In those days, reporters separated themselves from “hacks” by getting-to-the-facts — Edward R Murrow and Walter Cronkite were from this school, and they would rather be late with a story to get it absolutely right.

    I wrote an article titled “A World Run By Ad Revenue”, and that’s what it’s all about today. You can charge more for your ads if you have higher ratings. Plain old accurate news doesn’t get ratings.. sensational infotainment does.
    Do the math.

    • Bill Mullins

      TechPaul

      Read your article on “A World Run By Ad
      Revenue”
      – a must read for all readers.

      Edward R Murrow and Walter Cronkite? We’ll never see their like again.

      Bill

  4. Well.. yes we will (I think). On blogs.

    For example, you present information without having to first stop and consider if Kellog’s Corn Flakes is mentioned often enough, predominately enough.. and is your title lurid or scary to “top the ratings chart”..

    But, yes, in the “mainstream media” they’ve been gone for a long while now and won’t return.

    That is one of the great things about the Internet.. you can view material that isn’t be run through the government’s or corporation’s filters.
    Except in China.