About these ads

Archive

Posts Tagged ‘Youtube’

October 2012 Cyber Attacks Timeline

November 2, 2012 Leave a comment

Click here for the first part covering the Cyber Attacks from 1 to 15 October 2012.

Here is the timeline for the main Cyber Attacks in October 2012. A month that has been characterized by hacktivism and also by several remarkable cyber crime operations.

For sure the next days will be hard for taxpayers of South Carolina, whose Department of Revenue has been targeted by foreign hackers able to access records of 3.6 million of individuals. But hard days are going to come also for banks: not only the trail of DDoS attack against U.S. Banks has continued even in the second half of the month (although different groups took credit for them), but also, on the cyber crime front, Citigroup has lost 1 million of bucks because of a loophole exploited by a ring of 13 individuals. Different motivations, same lesson: bank security needs a dramatic improvement.

Moving to hactkivism, nothing new under the sun. The pale sun of October has enlightened several operations targeting governments (Greece and Italy above all, to reflect the delicate situation of these two countries) and organization all over the world…

As usual after the jump you will find all the references.

If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 and the related statistics (regularly updated), and follow @paulsparrows on Twitter for the latest updates.

Also, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts).

Read more…
About these ads
Categories: Cyber Attacks Timeline, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

December 2011 Cyber Attacks Timeline (Part I)

December 21, 2011 Leave a comment

As usual, here it is my compilation of December Cyber Attacks.

It looks like that Christmas approaching is not stopping hackers who targeted a growing number of  organizations including several security firms (Kaspersky, Nod 32 and Bitdefender) even if in secondary domains and with “simple” defacements.

Cyber chronicles report of Gemnet, another Certification Authority Breached in Holland (is the 12th security incident targeting CAs in 2011) and several massive data breaches targeting Finland (the fifth this year, affecting 16,000 users), online gambling (UB.com affecting 3.5 million of users),  Telco (Telstra, affecting 70,000 users), and gaming, after the well known attacks to Sony, Sega and Nintendo, with Square Enix, which suffered a huge attacks compromising 1,800,000 users (even if it looks like no personal data were affected).

Online Payment services were also targeted by Cybercrookers: a Visa East European processor has been hit by a security breach, but also four Romanian home made hackers have been arrested for a massive credit card fraud affecting 200 restaurants for a total of 80,000 customers who had their data stolen.

As usual, hacktivism was one of the main trends for this first half of the month, which started with a resounding hacking to a Web Server belonging to ACNUR (United Nations Refugees Agency) leaking more than 200 credentials including the one belonging to President Mr. Barack Obama.

But from a mere hactvism perspective, Elections in Russia have been the main trigger as they indirectly generated several cyber events: not only during the election day, in which three web sites (a watchdog and two independent news agencies) were taken down by DDoS attacks, but also in the immediately following days, when a botnet flooded Twitter with Pro Kremlin hashtags, and an independent forum was also taken down by a further DDoS attacks. A trail of events which set a very dangerous precent.

Besides the ACNUR Hack, the Anonymous were also in the spotlight (a quite common occurrence this year) with some sparse attacks targeting several governments including in particular Brazil, inside what is called #OpAmazonia.

Even if not confirmed, it looks like that Anonymous Finland might somehow be related to the above mentioned breach occurred in Finland.

Other interesting events occurred in the first two weeks of December: the 0-day vulnerability affecting Adobe products, immediately exploited by hackers to carry on tailored phishing campaigns and most of hall, a targeted attack to a contractor, Lockheed Martin, but also another occurrence of DNS Cache Poisoning targeting the Republic of Congo domains of Google, Microsoft, Samsung and others.

Last but not least, the controversial GPS Spoofing, which allegedly allowed Iran to capture a U.S. Drone, even the GPS Spoofing on its own does not completely solve the mistery of the capture.

Other victims of the month include Norwich Airport, Coca Cola, and another Law Enforcement Agency (clearusa.org), which is currently unaivalable.

As usual after the page break you find all the references.

Read more…

Categories: Cyber Attacks Timeline, Cyberwar, Security Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

October 2011 Cyber Attacks Timeline (Part II)

November 2, 2011 Leave a comment

Halloween has just gone and here it is Part II of the October 2011 Cyber Attacks Timeline covering the second half (15-31) of this month.

From an Information Security Perspective, the 10th month of 2011 has been characterized by Duqu, the brand new Advanced Persistent Threat dubbed “The Sun Of Stuxnet”, whose echo is far from being silent (a brand new 0-day vulnerability targeting Windows Kernel has just been discovered in the Malware Installer). Duqu affected the timeline in two circumstances: not only the malware was discovered, but also an Indian Provider called Web Werks had some servers seized from a Data Center in Mumbai because they were discovered to be involved in the C&C communication of the infected endpoints.

Other noticeable events of the month involved:

  • The wave of alleged Cyber Attacks from China against Japan Parliament and Embassies and also against Canadian Finance and Treasury Board. These were not the only Cyber Events allegedly affecting China in October: even if occurred months before, news were reported that the attack against Mitsubishi Heavy Industries led to the theft of sensitive data, moreover other 760 organizations worldwide were attacked with the same methodology used for RSA Breach and originating from China as well.
  • A new tide of Hacktivism by Anonyomous and Antisec, encouraged from the OccupyWallStreet Movement, including a dramatic face-to-face of Anonymous Mexico against Las Zetas one of the most powerful Mexican Drug Cartel.

A particular rank in this month is deserved by Israel and Sweden, the first reported a huge data breach (affecting 9,000,000 users) occurred in 2006, while the latter suffered a Black October with a data leak involving nearly 200,000 users of the social platform bloggtoppen.se including Politicians and Journalists. At this point is clear that the cold Sweden won the Prize for the “Hottest Breach of The Month”.

Also Facebook was targeted with an alleged dump of 10,000 accounts, nothing if compared with the 600,000 compromised logins per day that the social network admitted to suffer).

According to my very personal estimate (based on the indications from the Ponemon’s insitute) the cost of the breaches for this months (in all those cases where enough information was available) is around $500 million, excluding the massive data breach in Israel reported today but occurred in 2006.

As usual, this Timeline was compiled with Useful Resources by:

And my inclusion criteria do not take into consideration “simple” defacement attacks (unless they are particularly resounding) or small data leaks.

Date

Author

Description

Organization

Attack

Oct 16

Fatal Error

UNESCO E-Platform Domain

The E-Platform domain of one of the Biggest Organizations: United Nations Educational, Scientific and Cultural Organization (UNESCO) gets hacked and defaced by Fatal Error Crew hackers.

Defacement

Oct 17

10,000+ FaceBook accounts

A Hacking Crew From Nepal called TeamSwaStika hacks more than 10,000 facebook accounts. The hacking crew declares next target will be Nepal Government website and e-governance for Freedom. Estimated cost of the breach is $2,140,000.

Account Hacking (Phishing?)

Oct 17

?

Sesame Street’s Youtube Channel

Sesame Street had its YouTube channel hacked on Sunday, and its highly popular child-friendly videos of muppets like Kermit the frog and the Big Bird replaced with hard core porn movies.

Account Hacking

Oct 17

?

NHS Direct Twitter Account

NHS Direct, the UK helpline which provides expert health advice via the telephone and internet, has had its Twitter account taken over by spammers promoting an Acai Berry diet.

Account Hacking

Oct 18

TurkisH -RuleZ

proXPN

proXPN, one of the famous VPN client based on OpenVPN Service, is hacked by TurkisH-RuleZ.

Defacement

Oct 19

?

Gameloft

Gameloft, a Paris-based video game company that’s a leading mobile-game developer, acknowledges that a security breach has prompted it to pull the plug on one of its Web sites, the Order and Chaos online site.

SQLi?

Oct 19

?

Duqu

In a blog post, Symantec explains it came across the first samples of a new malware infecting some computer systems in Europe that appears to be very similar to Stuxnet. More analysis shows the malware is a “simple” keylogger using the same Stuxnet Technology

N/A

APT

Oct 19

?

Lord Of The Rings On Line

A FAQ on the official forum of the Lord Of The Rings Community On Line reveals that the site was breached although no financial data has been obtained by the attackers.

SQLi?

Oct 20

?

Phishing The Phisher

Finally someone decides to give a lesson to a phisherm by hacking the phishing website with a message educating the potential victims.

Phishing

Oct 21

Vikram Pandit (Citigroup CEO)

Mobile phone number and home address of Vikram Pandit, CEO of Citigroup, have been placed on the web by hacking group CabinCr3w in retaliation for the cuffing of protesters at an Occupy Wall Street demo. In their online statement the hackers say that they had accessed the data – which also included family information and some financial figures – and uploaded it online in response to events during the recent anti-bank protests on Wall Street.

N/A

Oct 21

Law Enforcement Agencies

Anonymous and Antisec broke their apparent October silence and renewed the tradition of the Friday Dumps against law enforcement agencies releasing a 600MB data dump of confidential data belonging to Law enforcement agencies. A couple of days later an AntiSec hacker tells police in a phone call that boredom drove him to hack their website.

Defacement

Oct 22

40 Child Porn Websites

As part as what they call #OpDarknet, Anonymous takes down more than 40 darknet-based child porn websites over the last week. They also leak personal details of 1500 users. Detalils on “AnonMessage” and “BecomeAnonymous” YouTube channels.

40 child Porn Websites

SQLi

DDoS

Oct 23

?

Microsoft’s Official YouTube Channel

Hackers take control of Microsoft’s official YouTube Channel (24,000+ subscribers), remove the company’s videos and replace them with videos of their own. Neither Microsoft nor Google (which owns YouTube) have disclosed information on how the security breach was perpetrated.

N/A

Oct 23

One Hit Play

@DiabloElite dumps 1008 accounts from onehitplay.com, with no other reason beside to show the need of a stronger security. All the accounts have been stored as plain text. Estimated cost of the breach is around $214,000.

SQLi?

Oct 23

Xbox A new hackers’ crew @DestructiveSec dumps some Xbox Live accounts.

SQLi?

Oct 24

?

cheaptickets.nl

The database of CheapTickets.nl (containing 715,000 customers) is leaked. Stolen information include 1,200,000 tickets and 80,000 passport numbers. Total cost of the breach might exceed $153 million.

SQLi?

Oct 24

Intra Web Security Exploit Team

LG Australia Web Site

One of the Australian websites belonging to global electronics giant LG (lge.com.au) is hacked by a collective calling itself the Intra Web Security Exploit Team. The attackers replaced the site with some lightly-obfuscated JavaScript pretending to be conducting an injection attack.

Defacement,

Simulated SQli

Oct 24

Malicious Employee

Israely Ministry of Labor and Social Welfare

Employee with access to the Population Registry has been discovered to steal the details of over 9 million residents and then passed them to someone else. Estimated cost of the breach is nearly $2 billion.

Malicious Access

Oct 24

760 Organizations Worldwide

Brian Kerbs publishes in his blog a list of companies whose networks were shown to have been connecting to the same control infrastructure that was used in the attack on RSA. The first victims appear to have begun communicating with the attacker’s control networks as early as November 2010. According to the list 760 other organizations had networks compromised with some of the same resources used to hit RSA and almost 20 percent of the current Fortune 100 companies are on this list.

760 Organizations Worldwide

APT

Oct 25

?

bloggtoppen.se

The usernames and passwords of around 90,000 accounts at Bloggtoppen.se have been made public after a hacker attack against the website. Several journalists and politicians are among the bloggers whose log-in details have been published. On Oct 26, the Aftonbladet newspaper reported that a further 57 other websites had also been hacked, and the login details of up to 200,000 people are at risk. Estimated cost of the breach is around $42 million.

SQLi?

Oct 25

Chinese Hacker?

Japanese Parliament

According to local media reports, hackers were able to snoop upon emails and steal passwords from computers belonging to lawmakers at the Japanese parliament for over a month. PCs and servers were infected after a Trojan horse was emailed to a a Lower House member in July. The Trojan horse then downloaded malware from a server based in China – allowing remote hackers to secretly spy on email communications and steal usernames and passwords from lawmakers.

APT

Oct 25

Mitsubishi Heavy Industries

Mitsubishi Heavy Industries, a high-tech military contractor, which suffered an attack from hackers earlier this year, is reported to have lost sensitive data related to defence equipment including fighter jet planes and nuclear power plant plans, according to The Ashai Shimbun. Once again suspects are directed to China.

APT

Oct 25

Inside Error

United States Department Of Education

Highly sensitive information (including SSN) belonging to around 5,000 students was exposed after a computer error causing a federal government student loan website to reveal the data: a glitch in the website allowed students who were logged in to freely view the data of other scholars. Fortunately, the site was compromised only for 7 minutes at most, but it is possible that some users were able to steal sensitive information. Estimated cost of the breach is around $ 1 million.

Inside Error

Oct 26

?

awurval.se

314 job seekers’ e-mail addresses and clear-text passwords acquired and dumped. Estimated Cost of the breach is around $67,000.

SQLi?

Oct 26

?

Mobile Tele Systems

MTS is a primary Mobile Operator in Russia with more than 70 million subscribers. Personal data of 1.6 million mobile phone users appeared online in the second such leak in three months. The database, posted on Zhiltsy.net, included the full names and phone numbers of MTS subscribers in St. Petersburg and Bashkortostan, as well as residential addresses and passport data for some of them. According to MTS the database goes back to 2006 and most numbers are no longer valid. Estimated cost of the breach could potentially achieve $300 million.

N/A

Oct 26

@_V4ND

nationmultimedia.com

@_V4ND dumps what they say is a teaser of accounts obtained from nationmultimedia.com in what appears to be another havij or similar SQLi vun tool based attack. The leak contains user emails and passwords in clear text.

SQLi

Oct 26

Robert Delgado

Massive Identity Theft

Robert Delgado, a 40 years old California man, was sentenced to eight years in prison for identity theft after federal police GPS-tracked his phone and discovered a hard drive with over 300,000 victim profiles during a raid of his home. Estimated Cost of the thiet (not including purchases made with stolen data) is around $65 million.

300,000 frauded users

Bank Fraud

Oct 26

Pakistani Hacker

Bharat Sanchar Nigam Limited (BSNL)

Another occurrence of the Cyberwar between Pakistan and India: A Pakistani hacker “KhantastiC haX0r” hacks into the official website of India’s leading telecom Company Bharat Sanchar Nigam Limited (BSNL).

Defacement

Oct 27

Law Enforcement Authorities

@_f0rsaken a member of @TeaMp0isoN publishes a list of websites utilized by law enforcement authorities that are supposed to be vulnerable to MSAccess SQL injection attacks. A number of six sites that are listed are supposedly utilized by the police for their updates, the cybercriminals urging Occupy Wall Street supporters to take them down.

Law Enforcement Authorities

MSAccess SQLi

Oct 27

Oakland Police Department Web Site

Cyber activists associated with Anonymous target the Oakland Police Department (OPD) and other law enforcement agencies that participated in a controversial crackdown against OccupyOakland protestors with a DDoS (distributed denial-of-service) attack against the department’s website. Moreover According to TG Daily, the infamous collective is offered a $1,000 reward for anyone who can provide information on an officer that allegedly injured a war veteran that was taking part in the protest.

DDoS

Oct 27

?

Clarinda Bank Iowa

In a letter dated Tuesday, Oct. 25, bank vice president Jon Baier notifies specific customers of a data breach. The letter states the bank was not provided details of the security compromise, but to protect the impacted debit card accounts, replacement cards with new numbers were ordered. The number of affected users is unknown.

N/A

Oct 27

Japanese Embassies

There are new reports that dozens of diplomatic computers Japanese embassies abroad were infected with malware this Summer. The news comes on the heels of recent news about malicious software attacks on Japanese defense contractors and the Japanese Parliament. A report in a local Japanese publication, The Daily Yomiuri, places the infected diplomatic computers in Canada, China, France, Myanmar, the Netherlands, South Korea, and the United States. Again China is suspected since a China Link is found on the malware.

APT

Oct 27

U.S. Government Satellites

Bloomberg reports that Computer hackers, possibly from the Chinese military, interfered with two U.S. government satellites four times in 2007 and 2008 through a ground station in Norway, according to a congressional commission.

N/A

Oct 28

Canadian Finance and Treasury Board

Ottawa Citizen reveals that, in Jan 2011, the Canadian Finance and Treasury Board’s networks were targeted by hackers in an attempt to steal sensitive information about the potash industry even though Finance and Treasury Board representatives denies it. It looks that the hackers were actually foreign, the first clues indicating that the attack originated from China.

APT

Oct 28

PayFail

PayPal Executives’ Contact Information

In what looks to be the first of a number of “name and shame” postings, an individual or individuals posting as “PAYFAIL” upload some personal information on dozens of former and current PayPal executives. The dumped data do not seem to be particularly sensivite, nevertheless, although deleted three times so far, the original statement keeps on appearing on pastebin.

N/A

Oct 28

?

Again on Duqu

Two workers at an Indian web-hosting company called Web Werks tell Reuters that last week officials from India’s Department of Information Technology seized several hard drives and other components from a server hosted on a Mumbai Data Center, that security firm Symantec Corp indicated as communicating with computers infected with Duqu.

APT

Oct 29

El Paso County Community College

@DestructiveSec hacks the El Paso Country Community College, defacing the web site and dumps some data.

SQLi?

Oct 29

Las Zetas (Mexican Drug Cartel)

Anonymous Mexico faces one of the most dangerous criminal organizations in the World, the Las Zetas Mexican Drug Cartel. In a video they warn the Cartel to release one of their members kidnapped during a street protest, otherwise the hacker group will disclose (or dox) the identities of members of the cartel including corrupted politicians and policeman. Another example of an hacking action with huge real aftermaths in terms of possible deadly retaliations.

Mexican Droug Cartel

SQLi?

Oct 29

Dominican Republic Police

As part of their Spanish Solidarity Saturday Anonymous release a pastebin document containing a list of finds and vulnerabilities on the Dominican Republic Police system and some other sites too. They also left a website defaced.

Several Vulns,

Defacement

Oct 31

3xp1r3 cyber army

hi5ads.com

A hacker group going by the name of 3xp1r3 cyber army dumps two separate pastes with respectively 5,065 and 3,149 account details to www.hi5ads.com. The leaks contain emails and plain text passwords. Estimated cost of the breach is around $680,000.

SQLi

Oct 31

3xp1r3 cyber army

Bangla TV

The Same group hacks Bangla TV and releases 1,517 usernames and clear-text password. Estimated cost of the breach is around $320,000.

SQLi

Oct 31

ScreamDevz

Penguin Elite

A group or individual dubbed ScreamDevz hacks Club Penguin Elite Database and dumps nearly 400 usernames, emails and MD5 hashed passwords. Estimated cost of the breach is around $80,000.

SQLi

Oct 31

Chinese Government Web Site

@TehMaskz, a member of @ChaoticSec defaces a web site belonging to Chinese Government (at the time of writing http://www.wfaic.gov.cn/index.html is still defaced). In the same circumstance other 9 sites all over the World are defaced.

Defacement

Oct 31

One Hit Play

@ChaoticSec hacks One Hit Play (once again) and releases more than 1000 User information, including emails, passwords, and usernames. Estimated cost of the breach is around $214,000.

SQLi

Oct 31

comitet.ru

@DeleteSec attacks comitet.ru and dumps more than 2000 records with email and passwords. Estimated cost of the breach is around $420,000

SQLi

Oct 31

plusline.org

@DeleteSec attacks plusline.org and dumps more than 1000 records with email and passwords. Nearly in contemporary the same group dumps 700+ accounts from several sites. Estimated cost of the breach is around $420,000.

SQLi

Oct 31

Mr. DarkCoderz

Adult Site

Another occurrence of hackers dumping data from adult sites. Estimated cost of the breach is around $43,000.

Adult Site

SQLi?

Switch Off The Revolution (With An Infrared Sensor)

Just a couple of months ago, in writing the first post about Mobile Warfare (which should have later become Consumerization of Warfare) I expressed some considerations about the growing need for illiberal government to prevent the use of mobile devices as preferred media for the rioters to capture live images of the events, and to spread the information all around the Globe by mean of Social Networks.

Cutting off the Internet has been the first clumsy countermeasure applied by Egypt and Syria, but it is really unlikely that this kind of massive preventive block will be applied again by other countries because of the huge dependence of Internet, which characterizes our epoch, and consequently, as a collateral damage, would stop other vital activities.

As a consequence, I hypothesized that possible future countermeasures will aim to make unusable directly the source of information (read mobile devices), and the media for sharing them (read social networks), relying upon a new generation of Cyber-warfare among which:

A massive Denial of Service for mobile devices through massive exploit of vulnerabilities (more and more common and pervasive on this kind of devices), through massive mobile malware deployment or also by mean of massive execution of mobile malware (as, for instance, Google did in order to remotely swipe the DroidDream malware). Honestly speaking I consider the latter option the less likely since I can easily imagine that no manufacturer will provide cooperation on this (but this does not prevent the fact that a single country could consider to leverage this channel).

No manufacturer will provide cooperation on this? Maybe… Too many times reality surpasses imagination, and when it comes to reality that surpasses the imagination, then surely it comes from Apple. This time, unfortunately, not in the sense that we’re used to (admiring products years ahead of the competition, which previously did not exist not even in our imagination), but in the sense that a patent recently filled by Apple could implicitly provide cooperation for illiberal governments to prevent smartphones to take live images of protests.

It looks like that Apple is Apple is developing software that will sense when a smartphone user is trying to record a live event, and then switch off the device’s camera (only the camera, the other functions will not be affected) by mean of infrared sensors directly installed on the device. The real reason is probably the need to prevent concertgoers to post footage of events on YouTube or other similar sites (at the expense of the organizers which sometimes sell sell their own recordings of the events), which could potentially allow Apple to negotiate better conditions with labels when dealing for placing music on sale on iTunes (and could also potentially provide another source of revenue by charging people to film live events).

But besides commercial considerations, there is another important aspect (a collateral damage I would say). The events of recent months have shown us that the concerts were not the only places where the phones have been used to capture live images. In North Africa and Middle East they have been used to document repression and illiberality. But what would have happened if this technology had really been developed? Probably it would have limited the effect of the winds of change in Tunisia, Egypt, Syria and Libya, since Mobile Devices (and their cameras) played (and are playing) an important role to witness the real entity of the events.

Imagine if Apple’s device had been available to the Mubarak regime earlier this year, and Egyptian security forces had deployed it around Tahrir Square to disable cameras just before they sent in their thugs to disperse the crowd.

Would the global outcry that helped drive Mubarak from office have occurred if a blackout of protest videos had prevented us from viewing the crackdown?

This is more than speculation. since thousands of cellphone cameras in the Middle East and North Africa have been used to document human rights abuses and to share them with millions via social media. I went in Libya approximately a month before the beginning of the revolution and I was astonished by the number of iPhones noticed over there.

This is more than speculation also because the role of mobile technologies for the above mentioned events has been recognized also by Mr. Obama during his speech on Middle East.

As correctly stated, Smartphones like the iPhone and Droid are becoming extensions of ourselves. They are not simply tools to connect with friends and family, but a means to document the world around us, engage in political issues and organize with others. They literally put the power of the media in our own hands.

Apple’s proposed technology would take that power away, that is the reason why the community is moving in order to urge Steve Jobs to pull the plug on this technology.

New Technologies? Innovative Repression!

At the end, the Syrian Government could not resist to temptation and followed the wake of Egypt a couple of months ago: since the Internet is the main culprit for the wind of changes blowing in the Middle East, nothing better than shutting it off intermittently in the areas of Damascus, Hama and Daraa. Unfortunately Syria is only the last example of the crusade led by several countries against the internet, and new related technologies: a complete, impressive, picture may be obtained reading the Freedom on the NET 2011, A Global Assessment Of Internet And Digital Media, which has anlayzed the level of freedom in accessing the Internet and new technologies, and the possible obstacles in 37 countries, including countries such as China, Iran, Egypt (and Italy as well). The report is the prosecution of a previous document issued in 2009 and take into considerations events that contributed to obstacle the Internet access in those countries in the period ranging from 2009 to 2011.

The results are well summarized by the sentence: New Technologies, Innovative Repression.

 In particular, the report emphasizes the main role played by the Social Network, stating, among the other things:

The new internet restrictions around the globe are partly a response to the explosion in the popularity of advanced applications like Facebook, YouTube, and Twitter, through which ordinary users can easily post their own content, share information, and connect with large audiences. While mostly serving as a form of entertainment, over the last two years these tools have also played a significant role in political and social activism. In Egypt and Tunisia, for example, democracy advocates have relied heavily on Facebook to mobilize supporters and organize mass rallies. Similarly, Bahraini activists have used Twitter and YouTube to inform the outside world about the government’s violent response to their protests.

It is what I called the Thin Red Line (even if my country probably sits in that part of the line in which these technologies are used for entertainment).

The ways used to control the Internet vary hugely from country to country and include: preventive centralized block of unwelcome contents, total block of Social Networks, access to the Internet only available from Government- controlled sites, threats and arrests to bloggers up to true state-led cybercrime operations such as massive DDOS attacks towards web sites of media not aligned, most of all in periods close to elections.

Among the countries taken into considerations, Thailand, Russia, Venezuela, Zimbabwe and Jordan are considered at Risk, while, in the overall score, computed with a metric ranging from 0 (total liberty) to 100 (total repression) Iran is the country opposing the main obstacles to a free Internet Access with a score of 89. It is undoubtedly in good company of countries like Burma (88), Cuba (87), China (83), Tunisia (81 but before the Jasmin Revolution), Vietnam (73) and Saudi Arabia (70) occupying the bottom positions of this unwelcome ranking.

Approximately in the same days in which this very interesting document was released, the CPJ (Committee to Protect Journalists) released another interesting ranking: The 10 Tools Of Online Oppressors: reversing the order of factors does not change the result, as matter of fact according to the last report:

  • Iran, since the disputed 2009 presidential election, has dramatically increased the sophistication of its Web blocking, as well as its efforts to destroy tools that allow journalists to access or host online content, ranking over the top for Web Blocking;
  • Belarus (showing a score of 69 in the global assessment), often uses denial-of-service, or DOS, attack to break down opposition sites during the elections, ranking on the top for Precision Censorship;
  • In Cuba, Only a small fraction of the population is permitted to use the Internet at home, with the vast majority required to use state-controlled access points with identity checks, heavy surveillance, and restrictions on access to non-Cuban sites. To post or read independent news, online journalists go to cybercafes and use official Internet accounts that are traded on the black market. That is the reason why Cuba ranks #1 for Denial Of Access;
  • In Ethiopia a state-owned telecommunications company has monopoly control over Internet access and fixed and mobile phone lines. The country has also invested in extensive satellite-jamming technology to prevent citizens from receiving news from foreign sources gaining the first place for Internet Control;
  • In Burma, exile-run news sites still face censorship and obstruction, much of it perpetrated by home governments or their surrogates. Exile-run sites that cover news in Burma face regular denial-of-service attacks, allowing the country to get the crown for Attacks for Exile Run Sites.
  • In China Journalists reporting in and about the country, have been victims of spear-phishinging installing malwer targeted to control the Journalists’ computers, in a pattern that strongly indicates the targets were chosen for their work. China is probably the most sophisticated for Malware Attacks;
  • Tunisia (under Ben Ali) had a pervasive censorship of email and social networking sites under Zine el-Abidine Ben Ali, gaining the first place for State Cybercrime;
  • Egypt (under Mubarak) was the first country to completely kill Internet Switch (suddenly followed by other countries such as Libya, Barhain and Tunisia);
  • Syria remains one of the world’s most dangerous places to blog due to repeated cases of short- and long-term detention, ranking #1 for Detention of Bloggers.
  • Russia is the country where online journalists have become the latest targets of anti-press violence, ranking #1 for Violence Against Online Journalists.

Some final thoughts

Thought #1: I suggest to my compatriots to read the Global Assessment Of Internet And Digital Media in the sections concerning Italy (score 26). It is a really deep interesting analysis of the factors which affects Internet access in our country.

Thought #2: In all those countries where social networks are not censored, they remain a powerful medium to spread information. According to Twitter spokesman Matt Graves, yesterday:

Twitter traffic spiked to more than 4,000 tweets per second at the beginning and end of President Obama’s speech tonight announcing the death of Osama Bin Laden,” said company spokesman Matt Graves.

This simple sentence, more than ever, explains why the blue twitter canary is so  undigested in many countries.

Mobile Warfare in Syria

March 27, 2011 8 comments

Sources report that last week 150 people were killed during the protests against president Bashar al-Assad in Syria. Also in this circumstance, as already happened in Tunisia, Egypt and Libya, the world is witnessing to the protests thanks to the hundreds of citizen reporters equipped with their mobile devices and Internet connections.

The mobile warfare is acting in these countries too: as a matter of fact the tweets allow to follow the protests in real time, by mean of continuously up-to-date short messages, while Facebook allows the spread of the movements throughout the Nation (and not only): the blue social networks calls to join the revolution, by mean of continuously increasing groups, the largest of which The Syrian Revolution 2011, currently counts more than 90.000 supporters. In the same time, more and more videos shot by mobile devices are flooding YouTube.

In a certain sense it looks like the Middle East is playing a global Risk board game, whose troops are represented by mobile devices, whose effects on the social landscape effects on the social landscape have no geographical boundaries, especially for those governments that restrict the civil liberties of their citizens. This global Risk match is far from the end, since the invasion of the Mobile Warfare (and its effects for the governments)  is also happening in Yemen and Bahrain, which are suffering similar outbreaks of protests. It is interesting to notice that all the peaks of the revolutions were spaced, in a time scale, by approximately one month:

  • Tunisia, Jan 14th 2011: president Ben Ali ousted;
  • Egypt, Feb 11th 2011: president Mubarak stepped down;
  • Libya, March 19th 2011: after two weeks of fight Operation Odissey Dawn begins

If we perform a kind of extrapolation, does this mean that peaks of the protest in Syria and Jordan will reach the maximum at the half of April?

Mobile Warfare spreading into Middle East

Speculation aside, as far as Syria is concerned, what is happening is following the same pattern advised in Maghreb area with the only difference that, so far, Syria did not decide to disrupt the internet connection in order to stop the stream of information towards foreign countries.

From a political and social perspective, all the involved countries have too many aspects in common: long-living governments (in Syria the al-Assad Dynasty governed continuously for 40 years, which become 42 in case of the monarchy of Bahrain), younger generations with no dream and trust on future, eager for more freedom. Most of all, younger generations which have access to internet connections and social networks (I was in Syria for work three years ago and can confirm that, even then, the penetration of internet, mobile technologies and social network was well established), through which they may observe, study (and compare), the (apparently) better conditions of their occidental peers.

I think the process is irreversible, and indeed is likely to increase (Saudi Arabia, Iran and Iraq will probably be suffering other outbreaks in the middle term). Meanwhile will be interesting to notice if the involved governments will apply preventive measures, on large scale, for instance the disruption of the Internet connections, or targeted specifically on mobile devices or preventing to reach the social networks for sharing tweets, groups or videos…

C’era una volta… Il Sogno Americano… (E per fortuna c’è ancora!)

January 14, 2011 Leave a comment

In una delle innumerevoli navigazioni notturne, mi sono imbattuto in questa significativa storia relativa al sogno americano, sogno che non passa mai di moda, e alla tanto acclamata (a parole) fuga di cervelli dal Belpaese, il tutto condito con un briciolo di Hi-Tech.

La favola, come nella migliore tradizione della Silicon Valley inizia in un garage, all’ombra non dei grattacieli di San Francisco, ma della più tradizionale Madonnina Meneghina.

I protagonisti sono Marco Palladino, giovane imprenditore tricolore ventiduenne, e suoi due compagni di ventura, (Augusto Marietti e Michele Zonca) nonché soci nell’improbabile (nel Belpasese) progetto di creare un marketplace per interfacce di programmazione (API) basato sul cloud: una piattaforma in grado di consentire agli sviluppatori di distribuire facilmente le proprie API a tutta la comunità di utenti del servizio (e agli utenti stessi di APIzzarsi)

La storia inizia 2 anni fa quando i protagonisti della storia si avviano nell’improbabile impresa di setacciare a fondo il panorama imprenditoriale italiano alla ricerca di finanziamenti per il loro progetto (che sarebbe poi diventato Mashape, questo è il nome della start-up). Dopo oltre un anno di ricerca senza esito, ad aprile 2009 si rinchiudono nel classico garage a scrivere codice, e finalmente a novembre 2009 volano oltreoceano per presentare un prototipo del prodotto al TechCrunch50.

Da lì, l’idea di fare le valigie e trasferirsi in pianta stabile negli Stati Uniti a gennaio 2010.

Una volta approdati Oltreoceano i ragazzi non si perdono d’animo e si buttano a capofitto alla ricerca dei finanziamenti necessari con tutti i mezzi a disposizione. E come per miracolo (quando si parla del Belpaese tutto è possibile, nel bene e nel male) dopo 19 giorni riescono a trovare la somma necessaria (ben 101.000 $). In ogni favola non manca mai il principe azzurro, in questo caso sono due e vestono i panni di Kevin Donahue e Dwipal Disai fondatori originali di Youtube (ai quali si sono raggiunti in seguito altri investitori), che in 19 giorni mettono sul piatto quello che gli imprenditori italiani non erano riusciti a proporre in due anni.

Sicuramente la cosa che colpisce è il fatto che 101.000 $ non sono una somma esorbitante, ma la spiegazione è tutta nell’amaro commento di Marco Palladino:

La questione è puramente culturale: in Italia la comunità degli investitori è più piccola e possiede meno risorse che in Silicon Valley. Pertanto non vuole prendere rischi investendo in un modello nuovo e innovativo, preferendo piuttosto investimenti affidabili e sicuri. Di consguenza finanzia modelli già esistenti, con la conseguenza di rallentare l’innovazione locale.

La spiegazione è resa ancora più amara se la si cala nell’attuale panorama sociale italiano in cui si accusano il mondo politico, scolastico ed economico di non lasciare spazio alle giovani menti brillanti, per poi lasciarsele sfuggire oltreoceano con le proprie idee innovative (anche al costo dei classici quattro baiocchi).

Resta la consolazione, come ribadito dallo stesso Marco Palladino, che nonostante i problemi economici e sociali, almeno il Sogno Americano è ancora “up and running“.

Follow

Get every new post delivered to your Inbox.

Join 3,175 other followers