Tag Archives: Ukraine

Former Soviet Bloc, Allies, Under Lurid Attack

Trend Micro researchers David Sancho and Nart Villeneuve have written up an interesting attack they’ve dubbed LURID on diplomatic missions, government ministries, space-related government agencies and other companies and research institutions in the former Soviet bloc and its allies. (Only China was not a Soviet bloc member or ally in the list, and it was the least affected by the attack.)

Although they don’t say, or speculate, about the attacker, it’s not hard to conclude who might be particularly interested in what the attacks are able to dig up:

Although our research didn’t reveal precisely which data was being targeted, we were able to determine that, in some cases, the attackers attempted to steal specific documents and spreadsheets.

Russia had 1,063 IP addresses hit in the attacks; Kazakhstan, 325; Ukraine, 102; Vietnam, 93; Uzbekistan; 88; Belarus, 67; India, 66; Kyrgyzstan, 49; Mongolia, 42; and China, 39.

The campaign has been going for at least a year, and has infected some 1,465 computers in 61 countries with more than 300 targeted attacks.

Dark Reading quotes Jamz Yaneza, a research director at Trend Micro, as saying it’s probably a case of industrial espionage. But who by? ”This seems to be a notable attack in that respect: It doesn’t target Western countries or states. It seems to be the reverse this time,” Yaneza says.

Other tidbits from the Dark Reading report: Definitely not out of Russia, according to Yaneza. David Perry, global director of education at Trend Micro, says could be out of China or U.S., but no evidence of either. So it could be either hacktivists or industrial espionage. Yaneza says attackers stole Word files and spreadsheets, not financial information. “A lot of the targets seemed to be government-based,” he says.

My tuppennies’ worth? Seems unlikely to be hactivists, at least the type we think of. This was a concerted campaign, specifically aimed to get certain documents. Much more likely to be either industrial espionage or pure espionage. Which means we might have reached the stage where groups of hackers are conducting these attacks because a market exists for the product retrieved. Or had we already gotten there, and just not known it?

Either way, Russia and its former allies are now in the crosshairs.

More reading:

Massive malware attacks uncovered in former USSR | thinq_

Cyberspy attacks targeting Russians traced back to UK and US • The Register

Radio Australia topics, Nov 7

I make an appearance on the excellent Breakfast Club show on Radio Australia each Friday at 01:15 GMT and some listeners have asked me post links to the stuff I talk about, so here they are.

image

Follow football on your cellphone through vibrations: a team in Scandavia has come up with a way to convey movement of a ball via vibrations. This would allow folks wanting to follow a soccer game with the phone in their pocket, in theory.

This is how it would happen, as far as I can understand it: someone would watch a game and input data whenever the ball was kicked. This data would translate into vibrations—short if the ball is in midfield, longer and more insistent as it got nearer the goal. The researchers claim that users quickly figure out what is happening and can follow a game pretty well.

Reminds me of when I was a kid trying to follow a soccer match on a bad radio: You kind of guessed when things were getting exciting by the rise in crowd noise and the voice of the commentator.

Obama’s victory has quickly translated into an opportunity for bad guys. Sophos reports that 60% of malicious is Obama related, including what looks like a link to his acceptance speech, but which is in fact a trojan which, among other things, captures keystrokes and sends information back to the Ukraine. Obama-related malware has even been seen in the sponsored ads appearing on Google News.

EA has made another boo-boo: some copies of its Red Alert 3 CDs are missing a character on the serial number. “Try guessing the last character,” explained the support site until someone pointed out that this was dumb and encouraging amateur cracking.

Lost in translation: The continuing saga of Welsh being a language that non-speakers are never going to be able to guess at took another twist with a sign that, in English, reads  “No entry for heavy goods vehicles. Residential site only,” but which in Welsh reads “I am not in the office at the moment. Send any work to be translated.”

I don’t think I need to explain more, except to say that the sign has been removed—apparently by the council that installed it. What Welsh truck drivers made of it has not been recorded.

Photo credit: BBC

The Tilted Software Piracy Debate

Software piracy is a tricky topic, that requires some skepticism on the part of the reporter, though the media rarely show signs of that in their coverage. Here’s another example from last week’s Microsoft press conference in Indonesia, one of the prime culprits when it comes to counterfeit software:

JAKARTA (AFP) – Software piracy is costing the Indonesian economy billions of dollars each year and is stymieing the creation of a local information technology industry, a Microsoft representative said.

There is some truth to these statements, but it’s not really what Microsoft is interested in. First off, is it really the Indonesian economy that’s suffering because of piracy? One could argue the Indonesian economy is largely built on pirated software, as a kind of subsidy (like gasoline, which was until recently heavily subsidized.)

Secondly, when did Microsoft ever support the creation of a “local information technology industry”? That’s not their job — and I don’t blame them — but why hide behind this kind of argument? (Interestingly, there’s a lively Linux development community in Indonesia, but I’m not sure that’s what Microsoft is talking about here).

Some 87 percent of computer software on the market in Indonesia in 2005 was pirated, Microsoft Indonesia’s Irwan Tirtariyadi said citing a study from the Business Software Alliance, an organisation representing manufacturers.

That’s probably about right. It’s huge. It’s hard to find a company that doesn’t use pirated software. You can buy pretty much every program ever written, and I don’t know of a single person who uses a computer and who doesn’t buy pirated software. This is not to condone it, but I also only know of about half a dozen shops in a city of 12 million people which actually sell legal software. And forget buying online: Most companies won’t ship to Indonesia.

Lax law enforcement and widespread corruption contributed to Indonesia clocking in with the fifth highest rate of software counterfeiting in the world, he said, after Vietnam, Ukraine, China and Zimbabwe. “I’ve heard when police come to a shop (selling pirated software) it is closed. Basically information is leaking and this is an indication of the quality of law enforcement in action,” Tirtariyadi said.

This is part of the problem, it’s true. The malls are full of shops openly selling pirated software, often on the ground floor near the entrance, with policemen patrolling by. When a raid is planned, everyone knows about it, the shops quietly shut, cover their wares in tarpaulins and keep their heads down for a day or two. (Sometimes it’s hard to tell whether the imminent raid is from the police or some Islamic group cracking down on the counterfeit DVD stores, which often sell software too.)

Tirtariyadi told a gathering of foreign reporters that if piracy dropped by just 10 percent, it would add 3.4 billion dollars to the economy, according to figures cited by the International Data Corporation.

Could someone please explain to me how that figure came about? To me it sounds suspiciously as if the argument is based on a false premise: That everyone who buys pirate software would pay full price for legitimate software if there was no alternative. Let me think about that: $3 for brand new software — often a collection of software — against $50–500 for the same thing, in a country where half the population earn less than $2 a day. I don’t think so.

Counterfeiting also inhibited an “inventive culture” and the development of a strong local information technology (IT) industry here, he said. “Some students like to create new software but three months later they find it’s pirated,” he said.

True, there is definitely an inhibiting factor. I wrote a year or so ago about a guy developing a machine translation program which wasn’t bad, but which required him to spend at least half his time developing anti-piracy features in the software. But I still think this is a disingenuous argument. Let’s face it: Microsoft (and Adobe, and all the other BSA big boys) are mainly interested in quashing piracy of their products and building up their market share; I don’t see much sign of Microsoft actually nurturing this “local IT industry”.

Indonesia, Southeast Asia’s largest economy, has less than 100 IT companies, whereas neighboring Singapore, with a far lower rate of piracy, has between 400 to 800 such companies, he added.

This is not a useful comparison. Singapore is a highly developed country and one of the world’s technology hub. Though, interestingly, it’s not really a locally creative industry, with the exception of a couple of big names.

All this makes me realise that Microsoft et al still don’t get it. Piracy is massive; they’re right. But you don’t deal with it by sponsoring misleading press conferences and well-telegraphed police raids.

Ukraine Weighs In On The Search Stakes

Another addition to my index of indexing programs: diskMETA, from <META> Inc. “the largest search engine provider in Ukraine and a leader in Cyrillic multilingual search engine morphology technologies”.

A press release issued today says diskMETA is one of the fastest desktop search engines, and is available both as freeware and shareware. The program “is intended for extra large data volumes, UP TO 100 GIGABYTES. It can create up to 100 indexes, index up to ONE MILLION various files. The search time is never more than ONE SECOND”. It works on all Windows platforms (98 or higher).

The file search works with Office document formats (DOC, XLS, RTF, TXT), HTML pages, CHM, PDF files, ZIP and RAR archives. There are three versions: Lite (free), Personal ($50) and Pro, which supports morphological English searches and Intranet wide searches ($100)

The search technology used in diskMETA, apparently, “has a long and glorious history. It is used for a decade in the nationwide biggest and most popular web search engine www.meta.ua, in a series of search tools for web-sites and CD-rooms installed in most governmental and financial national institutions” in the Ukraine.

My tupennies’ worth? It’s fast, intuitive and unfussy. You can also view the raw text in a special preview window, but it doesn’t support preview in the same way that X1, dtSearch or the new Copernic Desktop Search do. That said, it’s great to see a new player on the block, especially one so enthusiastic.