Tokyo’s Cyber Emergency Centre at the vanguard of hacking defence

By | March 9, 2010

Tokyos Cyber Emergency Centre at the vanguard of hacking defence

Across one wall of a Thunderbirds-style command centre a huge map of the world keeps a running log of global cyber-attacks. Bloodcurdling names dart across the screen as thousands of computers are attacked in Houston or Hiroshima or Hampstead. This is Tokyo’s Cyber Emergency Centre.

Itsuro Nishimoto gives an order to one of his staff, who hacks a nearby laptop. In less than a minute he can observe the person working at that computer using the laptop’s webcam. The operating light has been disabled; the user has no idea he can be seen.

“The cyber-attacker will tend to watch and wait until the user goes to the bathroom or to get a cup of coffee,” says Mr Nishimoto, “then the real assault begins. People talk about cyberwar as if it hasn’t already begun. It has. It has all the characters of real wars: attackers, defenders, innocent victims, fearsome weapons. Even mercenaries.”

To gain access to the victim’s laptop, Mr Nishimoto has used a piece of Chinese software — a ready-to-use package that is sold widely in Chinese hacking circles and is simple enough for a small child to use. But the real problem, explains the managing director of the Cyber Emergency Centre, are not attacks such as these but the online raiders his sensors are not detecting.

Cyber defence experts describe a rapidly changing theatre of war. One startling trend, Mr Nishimoto says, is how closely the growth of cybercriminality has matched the rise of the BRICs — the acronym for the emerging market potential of Brazil, Russia, India and China.

Governments are undoubtedly involved, he says, and the attack potential has now risen to the point where hacking should be viewed as part of a country’s military capability. Mr Nishimoto’s biggest fear is that Beijing’s tacit nurturing of its cybercriminal army is creating imbalances. “Cyber-attack capacity is like nuclear weapons: when there is balance, there is peace. When there is imbalance, nobody is safe.”

via Tokyo’s Cyber Emergency Centre at the vanguard of hacking defence – Times Online.

Related:

The Webcam spy case in the Lower Merion School District near Philadelphia has raised concern as to whether others with Webcams are vulnerable to remote spying. The school district admitted to activating the Webcams 42 times during a 14-month period, claiming that it did so only to track lost or stolen laptops.

But for anyone with a Webcam (and Webcams are now built in to many laptops and desktops), the question is whether you are vulnerable to having your Webcam remotely turned on. The answer is yes, though the newest version of the software used by the district to monitor its computers can no longer be used to activate Webcams or even track stolen computers.

According to Harriton High School student Phil Hayes, officials at the Lower Merion School District used a program called LANRev to manage and track the Macintosh laptops issued to students. The product was published by Pole Position Software, which was acquired last year by Vancouver, B.C.-based Absolute Software. An Absolute Software spokesman verified that it is also his understanding that the school used LANRev software.

The Philadelphia Inquirer reported that Mike Perbix, a network technician from the district, had recorded a Webcast where he talked about his use of LANRev. In a YouTube video attributed to Perbix, he says, “I’ve actually had some laptops we thought were stolen which actually were still in a classroom because they were misplaced, and by the time we found out that they were back I had to turn the tracking off and I had a good 20 snapshots of the teacher and the students using the machines in the classroom.” …

Geide recently blogged about a Chinese government Web site that had been hacked to post malware to utilize an Internet Explorer 6 vulnerability to plant Backdoor:W32/Hupigon which, according to F-Secure, is “a remote-administration utility which bypasses normal security mechanisms to secretly control a program, computer, or network,” and “allows for recording with the user’s Webcam.”

TrendMicro education director David Perry stressed the importance of being aware of vulnerabilities. “It would do a public service, if we could make the public more aware that when you hook something like a Webcam up to your system that making it secure is your responsibility,” Perry said. “By default, it’s insecure.”

In October 2008, TGDaily reported on a “game” that could “mislead people into clicking on a link that can then remotely control the user’s Webcam and microphone.” This YouTube video shows a proof of concept of a simple game that could cause a user to turn on the remote camera for an attacker. … – cnet.com

Leave a Reply