In Through The Out Door

    Diving Through The Information Barrage

    Browsing Posts published in March, 2009

    The existence and operation of massive, coordinated, government-affiliated online espionage networks is typically the province of television or the silver screen, rather than the subject of research. In the real world, even a direct link between online and offline action (Russia’s invasion of Georgia and the simultaneous online attacks against that country are a good example) is not enough to automatically prove that the government behind the one is automatically behind the other. We’ve covered the rise of hacktivism previously on Ars; as more citizens come online, we’ll undoubtedly see more of this type of crowdsourced aggression in the future.

    Researchers in Toronto, however, may have actually discovered and tracked a hacking effort that can be traced back to a foreign intelligence network—China’s, in this case—over the past ten months. The team, which is affiliated with the Munk Centre for International Studies, has published an extensive report on the activities of what they dub GhostNet. Their investigation took place from June 2008 through March of 2009, and focused on allegations that the Chinese had engaged in systemic online espionage activities against the Tibetan community. GhostNet was spread through the use of a wide variety of Trojans, many of which were controlled through a program nicknamed gh0st RAT (Remote Access Tool).


    [From Chinese cyberespionage network runs across 103 nations]

    IT news might be bad in almost every corner of the industry, but one industry segment seems better fit to ride out the recession than most. Sales of security appliances to various business sectors in Western Europe grew revenue a total of 14.4 percent in 2008 as compared to 2007, but that growth slacked off a bit in the fourth quarter; sales rose only 10.1 percent. Those are solid numbers in any economic climate, and particularly in this one.

    The increase in total revenue was not spread evenly across the top five vendors. Fortinet reported 29.5 percent revenue growth from 2007-2008, followed by Cisco (20.5 percent) and “other” (18.7 percent). Nokia and Secure Computing eked out smaller gains of 6.6 percent and 2.3 percent, respectively, while Juniper fell off a cliff. Company revenue dropped 17 percent year-on-year, which helps explain why everyone else grew at such a high rate.


    [From Report: IT not scrimping on security during recession]

    Wednesday, at an event in Santa Clara, Sun Microsystems and the Internet Archive announced a joint effort to move the Archive’s growing, three-petabyte (about 150 Libraries of Congress) data store into one of Sun’s Modular Datacenters—the famous datacenter in a shipping container, which we’ve covered previously.

    The Archive, which also hosts the ever-popular Wayback Machine, currently runs on a custom storage architecture. But, in keeping with the group’s mission of open access to information, they opted to move it to a Sun MD that’s based on Sun Fire x4500 servers and ZFS.


    [From Sun puts Internet Archive in a box, but will it stay there?]

    Experts: U.S. needs to defend its “cyber turf”

    [From News: Experts: U.S. needs to defend its "cyber turf"]

    “Google engineers say it was not expensive and required only a small team of developers to enable all of the company’s applications to support IPv6, a long-anticipated upgrade to the Internet’s main communications protocol. ‘We can provide all Google services over IPv6,’ said Google network engineer Lorenzo Colitti during a panel discussion held in San Francisco Tuesday at a meeting of the Internet Engineering Task Force (IETF). Colitti said a ‘small, core team’ spent 18 months enabling IPv6, from the initial network architecture and software engineering work, through a pilot phase, until Google over IPv6 was made publicly available. Google engineers worked on the IPv6 effort as a 20% project — meaning it was in addition to their regular work — from July 2007 until January 2009.”


    [From Google Engineers Say IPv6 Is Easy, Not Expensive]

    The dirty little secret about patching routers is that many enterprises don’t bother — for fear of the fallout any changes to their Cisco router software could have on the rest of their infrastructure. But the recent discovery of a way to easily hack these devices has put pressure on organizations to change their ways and patch. This article in Dark Reading gives tips on how to patch without taking down the network, including input from Cisco’s own director of IT on how Cisco itself handles router patching.


    [From Cisco Router Hack Inspires New Patching Religion]

    The vulnerability is in the program for unpacking JAR archives, and merely visiting a crafted website may allow the exploit. An update is available to fix the problem.

    [From Security vulnerability in Sun's Java environment]

    Cisco has published the details of several vulnerabilities in its IOS network operating system, some of which could allow a remotely exploited denial of service condition.

    [From Cisco patches several vulnerabilities in IOS]
