


   ISSUE 23

24 June  2013

Article of the Month  Around the World

Social Networking Tools for a Surveillance Society

Part 02 

Two of the tools mentioned above that I would like to highlight are Carnivore/DCS 1000 and Echelon.

Carnivore was a system implemented by the Federal Bureau of Investigation that was designed to monitor email and electronic communications. It used a customizable packet sniffer that could monitor all of a target user's Internet traffic. Carnivore was implemented in October 1997 and replaced in 2005 with improved commercial software.

Digital Collection System (DCS 1000) is alleged to be the upgraded version of Carnivore, introduced after the 9/11 attack because the public was displeased with Carnivore.




Echelon is a signals intelligence collection and analysis network operated on behalf of the five signatory states to the UK–USA Security Agreement (Australia, Canada, New Zealand, the United Kingdom, and the United States, known as AUSCANNZUKUS or Five Eyes). It has also been described as the only software system which controls the download and dissemination of the intercept of commercial satellite trunk communications. It is said that Echelon can eavesdrop on any telephone or digital communication that occurs anywhere in the world, and that even a normal conversation anyone is having in a public place where a CCTV camera is available can be monitored and recorded. Echelon is so advanced that by entering keywords such as “assassination” or “president”, you can even filter the conversations and retrieve only the required ones. Though officials admit the existence of Echelon, they do not admit its true capacity. The most important thing about Echelon I would like to highlight is that it was introduced in the early 1960s and is still being developed to adapt to modern requirements.

Why the Surveillance Society?

We are now in an era where information is considered the most important and valuable asset. Whoever has more information, be it a person, a country, a corporation or an organization, will be ahead of all the others. This is a tactical as well as a financial advantage anyone would like to have in the race to the top of the world.

We have evolved from traditional warfare to cyber warfare to information warfare. Against that background, setting up a system to gather as much information as possible will be the prime goal of any government.

With many terrorist organizations such as Al-Qaeda, the Haqqani Network and the LTTE using the Surveillance Society to gather intelligence and promote their agendas among the public, everyone has been made to consider more innovative and user-friendly ways to establish a Surveillance Society.

Given the ethical problems of invading privacy, it is very important, especially for a government, to establish a Surveillance Society which will not alarm the public. In such a scenario, a transparent and public-friendly method that could be used to gather information covertly, especially about people, groups and their activities, would be the ideal tool for any terrorist organization, private corporation or government.

Social Networking Tools

This is where Social Networking Tools come into play. Today approximately 2 Billion users around the world use the internet on a daily basis and 1.5 Billion users are subscribed to a Social Networking site. With every user updating their personal, work and social information on their Social Networking site, this setup holds an immense amount of information for the Surveillance Society.

If every citizen of the country has subscribed to a Social Networking site and is updating their profile on a regular basis (assuming they input genuine information), uploading photos and videos of their activities and even mentioning their plans for the day, just imagine how valuable that information can be to a Surveillance Society!

All the users subscribed to a Social Networking site are updating and uploading information because they wish to do so and not because the government asks them to. A government with access to that information, together with the surveillance tools it already has in hand, will know everything it needs to know about its citizens.

For this reason many governments are now experimenting with using Social Networking sites for intelligence and information gathering. According to reports, even China, where Facebook-style Social Networking sites are banned, is looking at the possibility of introducing a Facebook syndicate for citizens to use as a Social Networking tool while the government gathers information and monitors its citizens.

Worldwide Unique Visitors (000) as at November 2011

Site | Unique Visitors (000) | Share
Facebook.com | 792,999 | 55.1 %
Twitter.com | 167,903 | 11.7 %
LinkedIn.com | 94,823 | 6.6 %
Google Plus | 66,756 | 4.6 %
MySpace | 61,037 | 4.2 %
Others | 255.539 | 17.8 %
Total | 1,438,877 | 100 %


Cyberspace has done marvels for the world. It has converted the world into a Global Village where we are all Glocals (Global + Local). Cyberspace has invaded the world and it has evolved from computers to laptops to mobile phones. Currently there are 2 Billion internet users and over 5 Billion mobile phone users in a Global Village with a population of 7 Billion.

We live in a virtual reality where most of our meetings and communications are done by email, telephone or mobile phone. We have become addicted to technology, and we spend more time on the internet trying to network socially instead of meeting our friends for real. We keep all our valuable information on our computers, laptops or mobile phones. Even though we go to the bank to deposit money, all our transactions are recorded digitally and our account balance is a value stored in a computer database. We read our books in electronic format and watch our television and read our newspapers on the internet.

In this kind of a society who can assure us that we are not being watched right now?


- Rangamini Werawatta

Rangamini is an ICT Consultant and a freelance journalist who contributes to national newspapers. He holds a Bachelor of Science degree in Information Technology (BSc-IT) from the Sri Lanka Institute of Information Technology (SLIIT) and he is a Member of the British Computer Society (MBCS), the Chartered Institute of IT.
He is also the author of the book “Cyber Security: 01 Byte from the Cyberspace”; ISBN: 978-955-658-253-6







  Microsoft, FBI crack cyber crime ring

'....Microsoft announced today that in cooperation with the U.S. financial services industry and leaders including the Financial Services Information Sharing and Analysis Center (FS-ISAC), NACHA -- The Electronic Payments Association, the American Bankers Association (ABA), a network accounting for over a thousand botnets has been disrupted.

In conjunction with other technology firms and the Federal Bureau of Investigation (FBI), the Redmond giant says the investigative team was able to discover and take down a botnet system which is responsible for stealing people's online banking information and personal identities......'

  Dutch public transportation may be hackable with an Android smartphone

'....The smartcards used to pay for public transportation in the Netherlands may now be hacked with an Android phone, according to a report from NOS.nl. The crack requires two free apps that allow the cracker to load the card with money and travel without paying anything......'

Chinese hackers reportedly stole Obama and McCain documents


'....During the 2008 presidential campaign, top-level staffers' laptops were infiltrated with malware that allowed alleged Chinese hackers to steal internal documents, files, and e-mails......'

Verizon order: NSA collecting phone records of millions of Americans daily


'....The National Security Agency is currently collecting the telephone records of millions of US customers of Verizon, one of America's largest telecoms providers, under a top secret court order issued in April.

The order, a copy of which has been obtained by the Guardian, requires Verizon on an "ongoing, daily basis" to give the NSA information on all telephone calls in its systems, both within the US and between the US and other countries.

The document shows for the first time that under the Obama administration the communication records of millions of US citizens are being collected indiscriminately and in bulk – regardless of whether they are suspected of any wrongdoing......'

EU to vote On Stiffer Penalties For Hackers

Member states of the European Union might soon be creating new laws that will raise minimum prison sentences for convicted cyber attackers and botnet herders. Last week, the European Parliament committee on Civil Liberties, Justice and Home Affairs approved a draft for a directive whose objective is to "approximate rules on criminal law in the Member States in the area of attacks against information systems, and improve cooperation between judicial and other competent authorities." The proposal is scheduled to be voted on by the European Parliament in July, and if the draft gets approved, the directive will become a concrete proposal on the basis of which member states will be urged to model their laws regarding attacks against information systems.

Gartner Says Worldwide Security Market to Grow 8.7 Percent in 2013

'....As companies continue to expand the technologies they use to improve their overall security, the worldwide security technology and services market is forecast to reach $67.2 billion in 2013, up 8.7 percent from $61.8 billion in 2012, according to Gartner, Inc. The market is expected to grow to more than $86 billion in 2016. Gartner analysts see three main trends shaping the security market moving forward – mobile security, big data and advanced targeted attacks......'

Month in Brief

[Chart: Facebook Incidents Reported to Sri Lanka CERT|CC in May 2013 (Fake + Harassment)]

[Chart: Statistics - Sri Lanka CERT|CC: Inbound Threats to Sri Lanka during May 2013]


Researchers Claim They've Discovered The Most Advanced Android Trojan Yet

Researchers say they have discovered a sophisticated trojan that targets Android smartphones – exploiting two previously unknown vulnerabilities in the mobile platform and a third flaw in separate software – to send text messages to premium-rate numbers and download other malware onto victims' phones. Roman Unuchek, a Kaspersky researcher, on Thursday published an analysis about the trojan, dubbed Obad. According to Unuchek, a device administrator flaw in the Android operating system makes it impossible for a user to delete the malware once it gains extended administrator privileges on the phone. In addition, a second Android vulnerability inhibits the platform's ability to process an Android .xml file, called “AndroidManifest,” making it difficult for the malware to be detected. Obad also exploits a third flaw in separate software, called DEX2JAR, which is popularly used by researchers to convert Android executable files into Java Archive (JAR) format. This component of the attacks also makes it more difficult for the malware to be analyzed by researchers, according to Unuchek.

Microsoft: Office Vulnerability Under Attack, Prioritize Patch

'....Microsoft is urging businesses to prioritize a patch for Microsoft Office in order to thwart a spate of ongoing, targeted attacks that have appeared in the wild.

The vulnerability is covered in bulletin MS13-051, and can be exploited by an attacker to remotely execute code if a user opens a specially-crafted Office document using a vulnerable version of Microsoft Office software, or previews or opens a malicious email in Outlook while using Microsoft Word as the email reader.

According to Microsoft, there have been limited, targeted attacks attempting to exploit the issue, which is rated 'Important' for Microsoft Office 2003 and Office for Mac 2011......'

How 30million 'wi-fi' credit cards can be plundered by cyber identity thieves exploiting contactless payment technology

'....Millions of debit and credit card holders are at risk of having their personal data mined by thieves exploiting a loophole in the latest 'contactless' payment technology.

Card numbers and personal details can be read almost instantly by a remote device such as a mobile phone, according to cyber-crime experts.

Contactless cards have been in use for five years and are becoming increasingly popular as they save time for retailers and customers by speeding up transactions.

Customers use them to pay for less costly items (£20 or under) without having to key in a PIN number or scrabble around for cash. Instead, they simply scan their plastic over an electronic reader at the till......'

Notice Board

Training and Awareness Programmes - June 2013

Date | Event | Venue
- 19th, 20th and 21st of June 2013 | Workshop on “e-thaksalawa” Content Development | ICT Branch Laboratory, Ministry of Education
- 22nd to 5th of June 2013 | National Level School ICT Championship Competition - 2013 NSSC 1st round Written Test Provincial Level | Provincial Level Test Centers
- 26th of June 2013 (9.00-12.00) | CISSP CERTIFICATION AWARENESS | Hotel Renuka
