Internet News (September 2017)

University hit by major cyber-attack

Continuing a seemingly endless onslaught of cyber-attacks, the University College London (UCL) has now also been the recipient of one such incident. Described as a “ransomware” attack by university representatives, that continued throughout the day with the university’s access to online networks being restricted in order to attempt to quell the onslaught, after the NHS suffered a similar such attack not long ago.

The university had been awarded the status of a “Centre of excellence in cyber-security research” by GCHQ intelligence services; combined with the fact that it’s ranked as one of the top 10 universities in the world, it makes for a strong argument for the potential reason that they might have been targeted for this attack in an attempt to show that even cyber-security experts are not safe. Universities in general have frequently been targets for cyber-attacks due to the fact that many often carry out commercially sensitive research.

UCL had warned both staff and students of the likely risk of data loss and “very substantial disruption” during the attack, explaining that “ransomware damages files on your computer and on shared drives where you save files”, and told everyone not to open any suspicious attachments. Initially the attack was blamed on phishing emails, with links to malicious software in them. However, after investigating further, the university suggested that it was more likely to have been from interaction with a compromised website that spread and distributed the malware.

Ransomware attacks, if you didn’t already know, are attacks designed to hold your files to ransom, typically via strong encryption, in order to extract money from the victim to get their files back instead of losing them (see Starjammer Bulletin’s article – Ransomware: What you need to know). After a day or so, the university stated that the infection had been contained, but that it needed the cooperation of both staff and students to ensure that there was no “further spread of this malware”.

“What makes this attack interesting is the timing. Hackers tend to target people who will be desperate to get access to their data and are, therefore, more likely to pay the ransom”, ethical hacker and research associate Graham Rymer from the University of Cambridge explains.

“Currently there are a lot of students who will be putting the final touches on their dissertations, so it could be that they were the targets.”

Rymer has praised the university, stating that they seem to have managed well in response to the attack, and that they had “locked it down pretty well”, with their first key action being to set all storage devices to read-only in order to halt the spread and destruction of the attack.

When rats attack…

Many internet users in South London have been left without internet recently. The cause? Rodents chewing through fibre cables. Sky and TalkTalk, the providers affected by this event have since made public apologies to their affected customers regarding the loss of service.

One customer received a message from Sky at 9:55 in the morning stating that “Engineers are still working on resolving the fibre break. Extensive damage has been caused by rodents chewing through cables and it’s taking longer to fix than we’d like and have estimated your service should be restored at lunchtime. Thanks for your patience.”

TalkTalk have also stated in their apology: “We’re aware some customers in South London may be experiencing loss of service. We’re really sorry.”

With this outage, it has allowed the public a rare look into a part of the infrastructure of Sky’s broadband service. Affected areas include Tulse Hill, Balham, Brixton, Nine Elms, Streatham, Dulwich, Vauxhall, South Clapham, Forest Hill and Battersea, with customers claiming outages in several other surrounding areas.

A not dissimilar “act of sabotage” by little creatures also previously happened in Shropshire last year, when damage by snails caused the internet in the area to move at the same speed as they do.

The Daily Stormer becomes the permanently goner

The Daily Stormer, an alt-right website focused on white supremacist news and discussion, has been dealt a potentially fatal blow. Following the recent events that took place in Charlottesville, Virginia, GoDaddy, the company who had been hosting the website, decided to cease their business with the group. The current CEO of the company, Blake Irving stated that, “With the events that happened in Charlottesville, we felt the Daily Stormer went too far, crossed the line.”

Appearing on CNBC’s “Squawk Alley”, Irving justified his actions. “We always have to ride the fence on making sure we are protecting a free and open internet and regardless of whether speech is hateful, bigoted, racist, ignorant, or tasteless, in many cases we will still keep that content up because we don’t want to be a censor and First Amendment rights matter not just in speech but on the internet as well. But when the line gets crossed and that speech starts to incite violence then we have a responsibility to take that down.”

The content in question that GoDaddy considered to have crossed the line resulting in the ceasing of services was reportedly a post attacking Heather Heyer, one of the victims that had been killed by a car that had rammed into her and a group of other protesters during the incident in Charlottesville that were opposing the White Nationalist rally. The website had a post spitefully berating her, resorting to calling her “fat” and “childless”, and comments in extremely poor taste, such as “most people are glad she is dead, as she is the definition of uselessness.”

GoDaddy tweeted the Sunday following the post, saying it had given the owners of The Daily Stormer 24 hours to find another provider to transfer its domain to. After people asked why the company had taken so long to cease doing business with the hate spewing website, Irving said “I understand that position but still First Amendment rights protect people’s ability to represent their beliefs. As ignorant and tasteless as those beliefs are they have the right to do those things.”

The underlying clause that lead to this decision stemmed from the fact that the website had violated GoDaddy’s Terms and Conditions of service, citing the part which specifically states that it forbids “inciting violence against a group or an individual”.

“It’s a very fine line between making sure we’re not being a censor and making sure we’re acting in a responsible manner”, Irving said.

shield-107860_1920It’s important also to clarify that GoDaddy were only hosting the domain of the website, not the contents themselves. For those not in the know, while the contents of a site requires hosting somewhere on a computer with a public IP address, the domain can be assigned to that IP separately from a different provider, and is simply pointed to the correct place, since that’s basically the main job of a domain name – to resolve to an IP address that a browser can connect to.

GoDaddy seems to have been only the first of many to end up denying the website a place online. Their next port of call after GoDaddy was Google, who swiftly removed them again for also violating their terms of service.

This chain of events then led to the actual website hosting company the group were using, Scaleway, a France-based hosting company, to also cease doing business with them, shuttering the site and terminating their account. Even CloudFlare, a cloud server service designed to maintain mirrors of websites even if the main hosted website goes offline, has taken action against the site following the events, cancelling their account there also.

This comes as something of a surprise, since the CloudFlare and its CEO Matthew Prince, have been publicly unwavering in their stance on free speech, even amongst criticism over providing the service to alleged terrorists a few years prior in 2013, stating that “A website is speech. It is not a bomb.” This then, must be a somewhat momentous turn of events for a company so committed to their message on free speech.

So what changed that made this decision so different from those terrorist claims in 2013? Gizmodo managed to obtain an internal email that shone some light on the matter, in which Prince said the decision was completely arbitrary. The email reads: “My rationale for making this decision was simple: the people behind the Daily Stormer are a******s and I’d had enough. Let me be clear: this was an arbitrary decision.” Further into the email, he expressed his thoughts on the matter, positing that it was dangerous for that kind of power to be in control of one person’s hands.

He also reiterated his stance on being a proponent of free speech, “It’s important that what we did today not set a precedent. The right answer is for us to be consistently content neutral.” Saying that, he “woke up this morning in a bad mood and decided to kick them off the internet. It was a decision I could make because I’m the CEO of a major internet infrastructure company.”

Of course, even if Prince says it’s important to not set a precedent with this action, it might not be within his control when it comes to public perception and future expectations if similar circumstances arise in the future.

Prince argues in a later company blog post that the internet as a whole needs a better system of arbitration when deciding which content should be taken down, a system that would respect due process and mean that such power isn’t in the hands of a few CEOs like it is currently.

Facebook drones on

Remote areas around the world who are unable to link to the World Wide Web may soon be able to access it, thanks to new technology designed and manufactured by Facebook. The Aquila drone has been designed to access remote areas to provide residents to contact the rest of the world via an internet connection. The first test flight last year proved successful, even if it did end abruptly with an unfortunate crash landing. Since then, a second full-scale test flight has taken place and has proved itself a triumph.

During the test flights, engineers saw their solar powered Aquila drone fly at 3,000 feet for nearly 2 hours. The wing span on the drone is approximately the same size as a Boeing 737. Data was taken during the test flight to ensure that Aquila’s efficiency was at a maximum, as well as identifying any other underlying issues.

The drone currently flies freely but can also be controlled manually if required. Although the current series of test flights proved successful, designers have worked hard to rectify faults found in their initial design. Additional spoilers on the wings, as well as modifications to the autopilot software and an additional horizontal propeller stopping mechanism has been added to the design to provide softer landings and prevent further catastrophic ones. The modifications made following the first flight have made substantial changes to the performance of the Aquila.

Mark Zuckerberg creator of Facebook announced that should tests continually prove successful, and when Aquila is fully operational, they plan to fly a full task force of the solar-powered drones above the most remote areas of the world to provide the 4 billion people still unable to access the World Wide Web across the globe, internet connectivity. The drone will eventually fly at a height of 60,000 feet, above the affected areas for periods of up to several months at a time.

Zuckerberg admits that the Aquila drone is slow due to its design, with a slow climb to altitude and an even slower descent. When the drone flies upwind, it does so at a speed of only 10-15mph. The drone’s design enables it to remain in the same locations for long periods of time providing internet access to the areas that need it.

Martin Luis Gomez, Director of Aeronautical Platforms at Facebook, described the Aquila as an “audacious goal” but also admitted that to reach the revolutionary milestone and the months that it has taken will be worth it.

Overdoing IT

The Etiologically Elusive Disorders Network (EEDRN) have identified addictive behaviours with internet overuse and other medical related effects that it can have on users in a recent published study. The network, made up of figures from various doctors and neuroscientists from reputable medical institutions and research facilities based in India, have found that overuse of the internet could cause neuropsychiatric dysfunctions, with symptoms including irritation, anxiety and obsessive compulsion.

Research has shown the same effects on people as those found in drug addiction, recognising implications with users personal and social relationships, adding socio-political pressures to lives, and well as effects to mental health and general well-being.

Technology has moved forward spectacularly over the past twenty five years since the birth of the web, and with nearly every device now connecting to the internet, accessing the internet is part of your everyday routine.

In the paper published by the EEDRN, they warn that internet overuse causes individuals to become vulnerable to mental health issues, including raising stress levels due to the never-ending overload of information and updates.

The research was based on observations made through the studying of typical behaviours and indicators, and how the users mind reacts during use, and the subsequent neurocognitive dysfunctions caused by overuse of the internet. Researchers reported that although the brain naturally seeks information, with the overuse of the internet, the brain is working much harder and becomes more reliant on new information and updates from the internet. As the need for more information increases, users are becoming more compulsive in their surfing and social media habits with the need to stay in touch online constantly.

Senior PhD Scholar and Co-author of the paper, Vikas Pareek, stated that if the report is ignored, the areas that have been highlight may expand further into a “Disease of Human Civilisation”, fearing that the cumulative effects on future generations and society could have a serious impact on their learning, social lives and communication skills.

How to disappear completely

If you were asked how many websites you had signed up to for information, would you be able to answer the question off the top of your head? Cyber-attacks are becoming the norm, and every day we hear stories about sites that have been attacked, of fake news stories that have gone viral, and of continual cases of online abuse.

Up until now it has been difficult to delete your “online presence”. Now, a group of Swedish developers have formed a website that can assist you with deleting your online existence using just your keyboard.

Deseat.me can give you a list of all the accounts and services that you have once registered or have created an account with. Providing Deseat.me with just an email address and your password to your existing accounts, Deseat.me will be able to provide you with a list of current websites and services that you have signed up to. Once you have received a list, you will then have the option to be deleted or unsubscribed to those accounts or services.

Wille Dahblo together with Linus Unneback created their ‘Internet Deletion’ site, having recognised a gap in the market for a single, easy to follow, on-line site to allow users to “clean up their internet presence” without affecting users’ privacy settings and personal data. The program runs on the users’ computers, and the website utilises Google’s security procedures. Therefore, it does not have access to any users login information when they originally set up the site.

Unfortunately, Deseat.me has been limited now and only sites and services that have been registered using a Google email address can be found. Furthermore, the website is still unable to retrieve account information from every facility, with some sites showing a greyed out delete button. Although the system proves successful for some, it seems to only work for the larger websites such as Facebook, Twitter and Evernote; the success rate for smaller sites is not so great.

NHS Hero Bailed In US

Marcus Hutchins, the British Cyber Security Expert, from the small Devon coastal resort of Ilfracombe has been released on bail from a US prison, following allegations that Hutchins was creating and selling malware that illegally obtains banking passwords. His bail conditions have included wearing a GPS tracker. He was ordered to remain under house arrest until his trial in October 2017.

Hutchins was dubbed a hero after derailing the world-wide cyber attack that caused chaos within the National Health Service. The WannaCry ransomware attack infected computers in over 150 countries. it worked by installing itself in systems, encypting user data and demanding a ransom from users before they could regain control of their systems. Figures showed that over 300,000 computers were affected. It was Hutchins that found the “kill-switch” to the ransomware attack, winning him international fame and a celebrity within the tech world and beyond.

Hutchins was later arrested on August 3rd in Las Vegas following Def Con, a hacking conference, charged for allegedly writing banking malware known as Kronos in 2014, and assisting an unknown co-defendant market and sell Kronos. Hutchins appeared in court in Milwaukee on August 14th. Hutchins pleaded not guilty to the six charges relating to the allegations. Strict bail conditions have been set, although he has been granted permission within his bail to access the internet in order to continue with his security work.

The trial has been scheduled to start in October. Should Hutchins be convicted of all crimes, he could end up facing a 40-year custodial sentence. Lawyer, Marcia Hoffman, has confirmed that Hutchins will be “vigorously defending himself” against all charges, and has every confidence that he will be fully vindicated and that the charges will be dropped.

Following his bail, Hutchins went online and publicly thanked his supporters for the overwhelming amount of support he had received following his initial arrest, and vowed that once he had a chance to publish his blog he would.

Internet News – August 2017

Subscribe to the Starjammer Bulletin

More about The Starjammer Bulletin

The Starjammer Bulletin is the official newsletter for The Starjammer Group, its customers, clients, affiliates and subscribers. With over ten years under our belt, we are proud of our commitment to our clients, and of our assurance that we provide them with the best level of service and help that they have come to know and respect us for. The Starjammer Group is proud of its track record to date, and strives to improve its products, services and standing on all fronts. Our mantra has always been '21st century thinking'. Why? Simple: we love doing what we do, enjoy our work, and work on the principle that our customers, clients and associates should share in the fun. Business shouldn't be a chore: we spend on average 8 hours per working day in the office, or factory, behind a desk, stall or wheel. We employ people who are not only competent and good at their job, but people who have that something; that little spark that grabs our attention. It can't be defined, and it's not always obvious. Nethertheless, we have been lucky to attract and keep the right people. Something we are proud of.