Articles from last posting
Indian call centre worker sells sensitive data to UK reporter
US army cybersleuths find keyloggers on network in Afghanistan
Security products riddled with holes
Shareholders approve Symantec and Veritas merger
ChoicePoint CSO tries to make a silk purse out of a sow's ear
Bluetooth security requires 8-digit PINs
Read Mary's latest column, The Weakest Link in the Globe & Mail- about the recent 40 million credit card breach at a US payment processor
Update
A class action suit filed in California, on behalf of a number of defrauded credit card holders, and impacted merchants, against the credit card companies, and some banks - has been amended to include a claim for damages.
The suit claims that the card companies breached California law by failing to secure credit card systems and by not informing consumers in a timely manner about the massive security breach.
The initial remedy sought was for consumers whose information was exposed 'to be informed and granted access to a credit-monitoring service', and for card companies to waive merchant charge-back fees and penalties. The stakes are likely to get higher, as the full extent of the breach, and its repercussions become clear.
News............
FTC gets order freezing assets of errant spyware removal vendor
The US Federal Trade Commission got a temporary injunction and asset freezing order (link is to the Complaint that sets out the facts nicely) against Trustsoft - Texas based- and its principle officer - for misleading and deceptive advertising - and for spamming consumers - pursuant to the US CAN-SPAM Act.
Trustsoft apparently engaged in snake- oil salesmanship - spamming consumers with false claims that their computers had been scanned by its spyware removal tool (not true); that spyware had been located (similarly false), and claims that its SpyKiller product could do anything to fix problems found (it could not).
It is worth reading the Complaint for the exhibits alone -"frightening pop -ups" to terrify consumers - plus the FTC alleged that the supposed scans completed on consumers' PCs were 'nothing more than computer graphics that have no computer scanning capabilities'.
As well as a temporary injunction and asset freezing order, Trustsoft must provide an accounting of all assets in the US, and elsewhere. The nature of the order is such that there was clearly concern that they were a flight risk and would swiftly move assets offshore to frustrate any final order.
I highly recommend that spyware vendors everywhere study this case very carefully- it has always been a bone of contention for me that many 'reputable' security companies grant consumers one 'free scan' to locate viruses/spyware, but then you must pay to eliminate the supposedly identified threats.
Copies of the FTC press release and temporary restraining order can be located here.
Pakistan still cut off from the Internet
The undersea fibre optic cable that connects Pakistan's Internet users to the outside world is still out of operation - one week later - as repair and rescue operations are frustrated by bad weather, and an inability, to date, to pinpoint the exact spot where the cable is damaged.
According to the Pakistan Daily, Dawn, 'the 92-party consortium that runs the world’s longest undersea fibre-optic cable, known as SEA-ME-WE-3, last week appointed a UAE-based company, E-Marine, to repair the fault. E-Marine, whose first repair ship reached Karachi on Saturday morning, is owned by Etisalat which recently bought 26 per cent of the Pakistan Telecommunication Company for $2.59 billion.... Mr Hussain said that over 50 engineers aboard the ships and scores of PTCL technical experts were taking part in the round-the-clock repair operation'...
“The 39,000-kilometre-long fibre-optic cable is buried in the sea in coastal waters. However, it lies on the seabed on the high seas. Mechanical arms from the ships will shortly pull up the fibre-optic cable from the seabed, inspect it, and replace it if necessary. The entire exercise will be closely watched by engineers on their monitors on the two ships, in the PTCL control centre and in Singapore,” he explained.
No quick fix is expected, as banks and industry rely on satellite links for Internet access.
What is extraordinary about this situation is the lack of resiliency built into the infrastructure - with no backup cable in place. Such issues must always be foremost in the minds of investors and companies anxious to save costs by moving operations offshore.
Dawn reports that 'India, Djibouti, Oman and the United Arab Emirates — had agreed to a two-hour shutdown' to help address the problem, as their networks are inter-linked.
Update July 9, 2005- the cable has finally been repaired
The coaxial cable was damaged, according to senior telecommunication company executives, by 'the anchor of a ship'. To avoid such incidents in the future, a committee has been formed to seek a ban on fishing 'in the sea over the cable', and plans are underway for a backup cable. The government will foot the cost of the satellite links that provided coverage to businesses when the cable went dark.
"Freakish incident" takes down New Zealand's Stock Exchange
Another example highlights how fragile global communication networks really are - and how critical business continuity and disaster recovery planning must be.
The New Zealand Stock Exchange was recently down for six hours, and the country left in virtual chaos, when rats chewed through an important cable, and then the backup system was taken out in a back hoe incident.
No doubt a rare and unfortunate confluence of events- but nonetheless, not entirely unforeseeable. According to the excellent article in the NZ Herald, the International Telecommunications Union (ITU) placed NZ 41st out of 42, in its list of statistics for telecommunication investment per inhabitant - Norway finished first. Concerns exist that the communications infrastructure in NZ is under funded, and thus is not as resilient as it should be.
|
