Commentary on the economic , geopolitical and simply fascinating things going on. Served occasionally with a side of snark.
Wednesday, May 28, 2014
Tech in the News May 28 , 2014 -- iPhones frozen by hackers demanding ransom People around the world have found their iPads and iPhones frozen by hackers who are demanding cash ransoms to unlock their devices ......... Wikileaks names US cellphone spy target as Afghanistan, claims Google staffer was involved ..... Additional items of note !
Owners of iPhones and iPads have been targeted by a hacker who is freezing iOS devices and demanding a ransom of up to £55 to unlock them.
The majority of the attacks have taken place in Australia although there are also reports of Britons being affected.
It appears that the hacker, who goes by the name Oleg Pliss, has managed to exploit the Find My iPhone feature which can track and remotely lock stolen devices.
Users have been told to send ransoms of between $50 and $100 Australian dollars (up to £55) to a PayPal account in order to have their devices unlocked.
Those affected have taken to Apple's support forums to seek help. One user, veritylikestea from Melbourne, said: "I was using my iPad a short while ago when suddenly it locked itself.
"I went to check my phone and there was a message on the screen (it's still there) saying that my device(s) had been hacked by 'Oleg Pliss' and he/she/they demanded $100 USD/EUR (sent by paypal to lock404(at)hotmail.com) to return them to me.
"I have no idea how this has happened. I am not aware of having been exposed to malware or anything else, although i did recently purchase some new apps - perhaps one of these has something to do with it? I don't know."
Another user, Werewabbit, said: "I live in the UK and this has also happened to me yesterday. Very worrying. And not a peep from Apple yet. I have managed to change all my account details and passwords, but just feels worrying."
An Australian government website, Stay Smart Online, has told affected users not to pay the ransom.
"Currently there is only speculation about how the attacks have been carried out. Apple has not yet responded officially," it says.
"With the possibility that this attack is linked to your ‘Apple ID’, affected users are advised to change your Apple ID password as soon as possible.
"It is not confirmed if or how these Apple IDs and passwords were accessed, but suggestions include that hackers may be simply reusing information they may have discovered during a breach of other online services. Unfortunately, many people still commonly reuse the same password for many of their online accounts. "
We contacted Apple but was told that the company would not be commenting on the issue.
David Emm, from security firm Kaspersky Lab, said: "It seems likely that cybercriminals gained access to Apple ID credentials, for example by using phishing e-mails targeting Apple IDs.
"Such scams have been around for years. By using the credentials to access an Apple iCloud account, the attackers can enable the 'Find My iPhone' service - this is not only able to locate a lost or stolen device, but also to set a passcode preventing third parties from accessing the personal data stored on the smartphone.
"This is clearly a form of ransomware, previously only seen on PC and, recently, on Android devices - although in these cases malware was used to trigger this behaviour. This campaign is further proof that cybercriminals are adopting criminal business models developed for the PC, applying them to new areas and fine-tuning their methods."
Earlier this week, Pierre Omidyar’s national security blog, The Intercept, reported that the US is recording all telephone calls made in and out of the Bahamas and one other unnamed country.
The story, co-bylined by Ryan Devereaux, Glenn Greenwald and Laura Poitras, explained that the Intercept had decided not to name that second “country X” due to the risk of increased violence in response.
As I wrote at the time, this decision prompted a furious response from former allies Wikileaks, which “condemn[ed] Firstlook for following the Washington Post into censoring the mass interception of an entire nation.”
Upping the stakes, Wikileaks also promised to name the redacted country withing 72 hours.
Late last night the organization made good on its promise, issuing a statement claiming that “country x” is Afghanistan…
The National Security Agency has been recording and storing nearly all the domestic (and international) phone calls from two or more target countries as of 2013. Both the Washington Post and The Intercept (based in the US and published by eBay chairman Pierre Omidyar) have censored the name of one of the victim states, which the latter publication refers to as country “X”.
Both the Washington Post and The Intercept stated that they had censored the name of the victim country at the request of the US government. Such censorship strips a nation of its right to self-determination on a matter which affects its whole population. An ongoing crime of mass espionage is being committed against the victim state and its population. By denying an entire population the knowledge of its own victimisation, this act of censorship denies each individual in that country the opportunity to seek an effective remedy, whether in international courts, or elsewhere. Pre-notification to the perpetrating authorities also permits the erasure of evidence which could be used in a successful criminal prosecution, civil claim, or other investigations.
But Wikileaks wasn’t done there. Shortly afterwards, the organization dragged Google into the fight, pointing to a leaked cable apparently showing that “Google Idea’s director Jared Cohen was tasked with getting Afghan telcos to move towers to US bases when at DoS.”
Before joining Google, Cohen worked as an advisor to both Condoleezza Rice and Hillary Clinton, and was celebrated by the New York Times magazine for representing a new breed of tech-savvybureaucrats.
Wikileaks appears to be suggesting that Cohen’s attempts to relocate Afghan cell towers within US bases may have had a clandestine motive. If true, the fact that Cohen is now working at Google might of course be incredibly troubling for privacy advocates. I’ve asked Cohen for comment and will update this article with anything I hear back.
For its part, the Intercept has published no official statement in response to Wikileaks’ claims. Instead, earlier today, Glenn Greenwald published a 1700 word response to a negative review of his book in the New York Times.
A week ago, in retaliation to the inane charges lobbed by the US accusing 5 Chinese army officials of spying on US companies (when the NSA spying scandal on, well, everyone refuses to leave the front pages), China announced it wouldban the use of Windows 8 on government computers (considering the quality of Windows 8, this is likely a decision government computers would have taken on their own regardless.)
Today, China has expanded its list of sanctioned companies from Microsoft to include IBM as well, following a Bloomberg report that the Chinese government is pushing domestic banks to “remove high-end servers made by International Business Machines Corp. and replace them with a local brand.”
Why is MSFT and now IBM sowing the seeds of the US government’s stupidity and failed attempts to distract from its own spying scandals? We don’t know. Here is what we do know:
Government agencies, including the People’s Bank of China and the Ministry of Finance, are reviewing whether Chinese commercial banks’ reliance on IBM servers compromises the country’s financial security, said the four people, who asked not to be identified because the review hasn’t been made public.
The review fits a broader pattern of retaliation after American prosecutors indicted five Chinese military officers for allegedly hacking into the computers of U.S. companies and stealing secrets. Last week, China’s government said it will vet technology companies operating in the country, while the Financial Times reported May 25 that China ordered state-owned companies to cut ties with U.S. consulting firms.
Harriet Ip, a Singapore-based spokeswoman for IBM, referred questions to IBM in the U.S. Jeffrey Cross, a Somers, New York-based spokesman, didn’t immediately respond to an e-mail seeking comment outside U.S. business hours.
“Security trumps everything,” said Duncan Clark, chairman of BDA China Ltd., a Beijing-based consultant to technology companies. “China doesn’t need the U.S. companies in the way it did for the last few decades.”
Perhaps somewhat ironically, IBM sold its low-end server business to Lenovo, itself a part of IBM once upon a time, several months ago for $2.3 billion.
But if this wasn’t enough of an insult to IBM’s top line, here is another concern about IBM margins: China simply believes Big Blue’s products are too expensive:
In addition to concern about Armonk, New York-based IBM’s equipment as a security threat, China’s government also believes IBM servers are more expensive in China than in other regions, the people said.
China Postal Savings Bank Co. is using servers made by Jinan-based Inspur Group Ltd. as part of a trial program that began in March 2013, the people said. The government plans to expand that trial to other banks, they said. The group’s Inspur International Ltd. unit gained 10 percent to HK$1.53 at 2:57 p.m. in Hong Kong trading today. In Shenzhen, Inspur Electronic Information Industry Co. rose 4.7 percent.
That’s ok though: since news and fundamentals don’t matter, we fully expect IBM stock to also be up several percent on what now appears to be the terminal loss of one of the company’s largest export markets. And not only IBM: other stocks set to surge on this bad news are MSFT and, of course, Cisco, whose CEO was recently crying about Obama’s NSA policies, and whose sales in China are once again assured to crater. But as they say in the movies: tis but a scratch – who needs top line growth when a company can issue debt to buy back its share and pretend all is well ?