Acting US Attorney Michael K. Loucks and Warren T. Bamford, Special Agent in Charge of the Federal Bureau of Investigation-Boston Field Division announced September 15 that Francis G. Janosko, 43 pleaded guilty to one count of intentional damage to a protected computer in Federal District Court in Boston.

During 2006 and 2007 While an Inmate at Plymouth, Janosko hacked a computer provided to inmates for legal research. The computer had restrictions disallowing use of email or Internet and various other functionality. Janosko was also able to gain access to a file containing names, addresses and social security of around 1,000 current and former employees of Plymouth County Correctional Facility. Janosko also attempted, albeit unsuccessfully to access a vital prison management software.

Janosko had been released from Plymouth County Correctional for some time but has been incarcerated since his apprehension in November 2008. The FBI and the Plymouth County Sheriff’s Office investigated this case. Assistant US Attorney Scott L. Garland of Michael K. Loucks’s Computer Crime Unit is prosecuting the case.

Judge O’Toole set the sentencing date for December 15. Under the terms set forth in a plea bargain Janosko faces 18 months in prison.

China was added, amongst other things, for “increasing natural resource-focused diplomacy and military modernization,” while Russia was singed out because, despite a growing partnership with the US on fighting things like nuclear terrorism, “it may continue to seek avenues for reasserting power and influence in ways that complicate US interests,” according to the AFP.

The National Intelligence Strategy (NIS), a report released every four years, calls China and Russia “aggressive” in the cyberworld and while the NIS did not explicitly name either countries as a cyber threat, it did outline cause for concern.

“At the tactical level, they are intent on penetrating our critical infrastructure, information systems, and leading industries,” it said, AFP reports. The report went on to recommend the US employ tactical strategies “across the cyber domain to protect critical infrastructure.”

The report also lists Iran and North Korea, unsurprisingly, as parts of its main opposition. It stressed the possibility of further partnerships with China and Russia to help strengthen relationships, however saw no hope of immediate reconciliation with either countries.

“Iran poses an array of challenges to US security objectives in the Middle East and beyond because of its nuclear and missile programs, support of terrorism, and provision of lethal aid to US and coalition adversaries…North Korea continues to threaten peace and security in East Asia because of its sustained pursuit of nuclear and ballistic missile capabilities, its transfer of these capabilities to third parties, its erratic behavior, and its large conventional military capability.”

Its assessment of Iran and North Korea was much harsher than of its two newcomers.

The report also highlighted Al-Qaeda as a continuing threat to both Americans and American interests at home and abroad and said the US’ main objective for the next four years will be to enhance “cyber security”, combat extreme terrorism and ensure weapons of mass destruction are not created or bought by any opposing nations.

The promotion and spread of democracy was not listed as a main priority.

“The increasing number of such crimes not only impacts the economy but threatens national security,” the FBI said Friday.

The man at the head of the opposition is the FBI’s Shawn Henry, recently appointed head of their Cyber Division. He told reporters Wednesday that the FBI has literally thousands of open cyber crime cases.

“One case in point: We joined our international partners yesterday in announcing a major takedown of a transnational criminal network that was buying and selling stolen financial information through an online forum known as ‘Dark Market‘,” the FBI said Friday.

“The business of the United States is done on the Internet,” said Henry, “And the information that flows electronically 24/7 is increasingly the target of not only identity thieves and scammers, but organized crime groups, terrorists, and overseas governments.”

Yes, even other countries are trying to virtually penetrate the U.S. Henry says about 24 different governments have an “aggressive interest” in obtaining information from or making attacks against American cyber infrastructure.

Henry says that individual hackers and crackers have grouped up into “virtual gangs.”

“In years gone by, if a gang wanted to rob a bank, it needed crooks with various skills — safe cracker, get-away driver, look-out, etc. That’s essentially what we’re seeing in the cyber world today, only these virtual gang members have never met in the physical world,” Henry said.

“There are organized groups that are very successful.”

In a web posting, Sony warns that some users could be victimized, their personal infomration viewed and games and downloads charged to their credit cards.

“We have investigated the extent of unauthorized access and possible alteration of passwords that could have occurred before corrective measures were taken, and are directly contacting customers who may have been affected by this incident,” Sony said in a statement Thursday. “In order to verify that your account is intact, we strongly suggest that PlayStation Network users sign in to the service. If you can successfully sign in with your pre-set password, your account is not affected by this incident.”

It is important to note that while the Playstation Network does store user credit card information for purchases, this data is not visible to anyone (including the user) after entered.

So, presumably,the hackers can’t use people’s credit cards for anything other than PlayStation Network downloads.

While Sony has said that they will be contacting users effected by the breach directly, they encourage anyone who believes they might be experiencing problems that can not be resolved from the methods listed on the website to e-mail them directly.

It’s that easy to bypass the most popular forms of hard disk encryption software. From Windows Vista, to Mac OSX, to various flavors of Linux, it appears that all major operating systems are highly vulnerable.

Conventional wisdom held that DRAM memory was rapidly volatile, causing all of its information to fade as soon as power to a computer is cut. However, researchers with Princeton’s School of Engineering and Applied Science department have recently proved that false.

By tipping the can of air upside down over a laptop’s DRAM chips, the nitrogen gas freezes the chip within seconds. When it’s frozen, the memory can stay fresh for longer than ten minutes — more than enough time to steal the encryption keys that allow easy access to the hard drive’s data.

In their paper, titled, “Lest We Remember: Cold Boot Attacks on Encryption Keys,” they say, “We show that this phenomenon limits the ability of an operating system to protect cryptographic key material from an attacker with physical access. We use cold reboots to mount successful attacks on popular disk encryption systems using no special devices or materials.”

The revelation and airtight research have knocked the computer world for a spin, as laptops containing military information to proprietary corporate research are now wide open.
In their paper, the researchers observe that many computers with inefficient cooling systems do not need the benefit of liquid nitrogen at all. The DRAM stays cool enough on its own to simply reboot the computer with the proper access tools.

The researchers end their abstract by noting, “Though we discuss several strategies for partially mitigating these risks, we know of no simple remedy that would eliminate them.”

See also: The New York Times

The programmer of this dangerous piece of code was an eleven-year-old boy.

Using the installer.app feature on the iPhone, users can access the diverse world of third-party applications. The malware in question passed itself off an update at www.jmwiki.com for applications including Erica’s Utilities, OpenSSH, Launcher and Doom. After downloading and installing the file via the iPhone’s installer.app, the malware displayed the word, “shoes” and proceeded to remove files critical to iPhone functionality.

Though by malware standards the virus was fairly tame, McAfee Avert Labs blogger Jimmy Shah noted that the piece of software highlights an important security concern with iPhone, one that depends entirely on the vigilance of well-informed users.

McAfee recommends users only acquire software only from trusted sources and install only official firmware updates.

After the child’s ISP was informed of the problem, his father was contacted and the site hosting the malicious application was taken down.

Researchers like Marcus, who keep a finger on the pulse of the malware underground, formulate yearly virus trend predictions, with the intent of helping users stay on the up and up. One of the biggest trends Marcus has pinpointed for 2007 is an increase in “zero day” attacks.

A zero day attack, as it’s known in the computer security industry, is an assault on an application possessing a previously unknown vulnerability, which is in turn revealed to the general population before being taken to the application’s vendor.

A good way to think of a zero day day attack is to picture a row of pristine houses with neat little gadgets such as electric garage door openers. If the houses are computers and the garage door openers are the applications, you’re a guy walking down the street with a universal remote who just found out that if you push the power button, some defect in all the garage door openers lets you open every garage on the street due to an unforeseen glitch.

In the computer world, the different terms, ‘vulnerability,’ ‘exploit,’ and ‘virus,’ can get confusing. The difference between each is fairly simple.

Think of a vulnerability as a back door into an application. For example, if there’s an extremely popular music playing program that’s used by a large number of people, but it has a chunk of code that is poorly constructed, it might provide a loophole for the criminally minded. This is a vulnerability.

If the vulnerability is found and brought to the attention of the vendor who created the application, and it is subsequently fixed, the problem never progresses beyond this stage.

However, the internet is no utopia and the business world doesn’t always turn on a dime.

If the vulnerability is never brought to the attention of the application builders, or the builders fail to provide an update fast enough, a malicious programmer can string together a code sequence that allows him to take advantage the loophole. That code sequence, harmless on its own, is known as an exploit.

The final step, the actual virus, is a tightly wrapped program—not much different than a calculator or game program—that delivers the exploit code payload to your computer by attaching itself to the vulnerable application, which allows the coder behind the virus to take advantage of your system in various ways.

Problems for computer security experts can be compounded when malicious programmers start sharing exploit code strings and collaborate on building the actual virus program, a trend that has seen explosive growth in the last few years.

“On the bad guys side of the house, they do certain things very efficiently,” said Marcus. “They communicate very effectively. They used to write things for bragging rights, now they’re more apt to collaborate.”

In the new year, he expects to see this kind of collaboration grow, which poses difficulties for computer security experts due to the power of numbers. The more people working to perfect a program—malicious or friendly—the stronger the program gets.

A recent vulnerability exposed in the Apple’s QuickTime program illustrates exactly how this concept—from vulnerability to exploit to virus—works. The end product, the new QuickTime virus, represents a hybrid virus style that could take off in 2007.

“The advantage the malware writer has is they can always look for the new vector and always test against antivirus programs,” said Marcus. “The Symantecs and the McAfees can’t do that.”

In a nutshell, the QuickTime virus is unique because it works on both Windows and Macintosh platforms. Generally a virus attacks one or the other due to fundamental differences between Windows and Macintosh operating systems, with an overwhelming majority targeted at Windows due to its reputation for leaky code, easy exploitability, and overwhelming market dominance.

Though Apple has an industry reputation for being a low-virus system, the QuickTime virus can take advantage of a Macintosh as easily as it does Windows. That dual capability set off alarm bells in December 2006 and on into 2007, said Marcus.

With the new Intel chips in Apple computers, allowing Macintosh operating systems to run Windows applications at native speeds, this kind of dual operability virus could see cross platform growth as well in the new year.

As 2007 marches on there’s no hard and fast rule for avoiding viruses, said Marcus. The biggest problem will continue to be the zero day vulnerabilities, and a mushrooming cloud of spam is expected to reach epidemic proportions in 2007 according to a wide range of experts, which may very well pose additional difficulties to all who love, or loathe, the Internet.