Dutch Minister of Justice Ivo Opstelten announced that the two countries will work together on topics such as critical infrastructure protectection and that they will share information as well as knowledge and expertise whenever hackers are attacking those infrastructures
“We want to find the criminals who are behind those attacks”, the Minister stated.
Dutch language news article:
http://www.nu.nl/internet/2747630/nederland-tekent-verdrag-cybercrime.html
http://www.shodanhq.com/search?q=linksys+country%3ANL
Dutch language news article:
http://www.security.nl/artikel/40442/1/”Veel_WiFi-routers_kwetsbaar_voor_hackers”.html
E-mail addresses, active credit card accounts, personal details of politicians and law enforcement officers out in the open. Some of the most sensitive data was not encrypted.
Dutch language news article:
http://www.nu.nl/internet/2746843/creditcardgegevens-gelekt-hack-nationale-theaterkassa.html
Anonymous has so far plied its trade in “hactivist” exploits. But according to the director of the National Security Agency, it might soon turn its focus to U.S. infrastructure.
According to the Wall Street Journal, citing sources, Gen. Keith Alexander has said in private meetings at the White House and elsewhere that the U.S. must keep a close eye on Anonymous’ growth. He reportedly warned that if the organization continues to gain power, it might even take down a part of the U.S. power grid within the next couple of years.
In and of itself, IPv6 won’t make you any more secure than your childhood blue blanket
Children are targeted through the use of visual lures — flashing colours, pretty animations and interesting graphics can all serve as tools for a hacker to gain access to your machine. It is highly unlikely a young child will be worrying about online safety when a highly-visual animation or graphic ropes them in to clicking a button — and they may not understand what permissions they are granting a piece of third-party software when they do.
A child is also not necessarily aware of what signs to watch out for in order to realize a machine is infected. Slow performance, a spam bot sending out infected emails, or software such as toolbars and a changed Internet home page may rouse suspicion in an adult, but not necessarily someone younger.
Why does this occur?
Children are not always aware of threats lurking on the Internet, and therefore do not know how to prevent themselves becoming exposed to online scams — making them an enticing target for cyber-criminals.
Much more:
http://www.zdnet.com/blog/igeneration/children-and-hackers-what-you-need-to-know/14855
They were able to manipulate everything from the water slide to the temperature of the water. Chlorine levels could not be adjusted in this particular case
Dutch language news article:
http://webwereld.nl/nieuws/109573/attracties-van-zwembad-door-hackers-te-beheren.html
We want to raise public awareness about the risk of entrusting your personal data to unsafe services. We also hope to encourage companies to pay more attention to the protection of the users of their services. Some of them will be left with no choice, because their security flaws will be published on this site!
But we do want to offer companies the chance to remedy their mistakes. This is why we will always notify the owner of a compromised website first and give them enough time to resolve the issue, before it is published on our site. This method of exposure is commonly known as responsible disclosure.
How does it work?
Jacobs also states that the state of security at government level almost makes him cry.
Dutch language news article:
http://www.nu.nl/tech/2744710/ict-veiligheid-bij-lagere-overheden-janken.html
About Bart Jacobs: http://www.cs.ru.nl/~bart/
See also:
Based on what has been demonstrated thus far, ongoing research efforts, and the continuing advancements of computing and networking technology, we believe that cloud computing is poised to have a major impact on our societys data-central commercial and scientific endeavors.
http://cryptome.org/2012/01/nsa-cloud.pdf
Some of the possible uses of DPI at present include:
So Where’s the Rub?
The main purpose of Deep Packet Inspection technology is to give users a better experience and to make intelligent delivery of service more manageable for network providers. All of the above applications are primarily aimed at stopping users or software from reducing the quality of service for other users, delivering the expected service or complying with legal requirements, so why is DPI at the centre of so many debates concerning issues as fundamental as free speech, civil liberties and privacy? To understand this it’s worth looking at some high-profile debates, campaigns and recent events to see how DPI fits in.
Much more:
http://blogcritics.org/scitech/article/why-deep-packet-inspection-isnt-being/
The hacking of the websites of the Federal Trade Commission’s Bureau of Consumer Protection on February 17 was the second attack on the agency’s web presence in less than a month. Both of the attacked servers were set up for the FTC by the public relations firm Fleishman-Hilliard under the same contract, and ran on servers the firm provisioned from web hosting and cloud services provider Media Temple.
But even after the server for the FTC’s OnGuardOnline.gov site (ironically, a site intended to share tips from the government on computer security and privacy for consumers) was hacked on January 24 using an exploit of security weaknesses in the applications running on it, Fleishman declined to update the software running its other sites, an executive of Media Temple told Ars.
More:
Dutch SCADA provider Xylem denies that hackers can remotely control dams, sewage systems and bridges. Hacker/researcher immediately explains that Xylem is lying
Dutch language news article:
http://webwereld.nl/nieuws/109565/scada-bedrijf-xylem-ontkent-kwetsbaarheden.html
… the hacker was able to:
1. Access KPN’s servers and ‘obtain rights’
2. Those servers were being used for ‘hosting of websites’, ‘routing of internet services’ and ‘storage of customer details’
3. The hacker has had ‘rights on DNS servers’ and ‘user rights on one of KPN’s routers’ enabling the hacker to potentially disrupt traffic to and from KPN’s customers (including emergency services and VOIP services). There’s no evidence that the hacker has disrupted or manipulated any traffic.
The investigation is still ongoing but so far it doesn’t seem like the hacker has copied or manipulated any information.
The Dutch government feels that emergency response as well as data security and integrity is KPN’s responsibility.
Dutch language news article:
http://www.security.nl/artikel/40342/1/”KPN-hack_geen_gevaar_voor_nationale_veiligheid”.html
Previously:
http://vrritti.com/?s=kpn
Sponsored by Madison Ghurka. Speakers:
In The Netherlands, Dutch internet provider KPN has been confronted with a major security breach. Although it was believed that hackers were able to access customer details, the evidence for that turned out to be false.
Instead, hackers had accessed customer data of online store ‘Baby Dump’ which contained KPN e-mail addresses. They pretended it had been obtained by hacking KPN.
Further research into the KPN Hack and the Baby Dump Hack, has now revealed yet another security breach, this time at marketing bureau Creation Point. That hack has exposed 100,000 customer details related to one of Creation Point’s clients, namely Bavaria.
Creation Point has gone and filed a criminal complaint with the Dutch police.
Time and again security experts and hackers are arguing that these activities are only aimed at showing how poorly secured the facilities of these companies and providers really are.
Then again, if everyone agrees that 100% security does not exist, nor sufficient protection against zero day exploits, one can wonder what exactly the hacking community is hoping to prove. The non-existent government communication and non-deterrent legal sanctions in The Netherlands regarding hacking activities are most likely adding to the problems. Better security is one part of the solution, better enforcement is another.
Dozens of other clients of Creation Point will be affected by this hack.
It is also still uncertain just what the full impact and damage will be in relation to the KPN hack.
Dutch language news article:
http://webwereld.nl/nieuws/109505/priv-data-van-ruim-100-000-bavaria-klanten-gehackt.html
2 million e-mail users are back online again
http://www.nu.nl/internet/2739523/kpn-neemt-versneld-veiligheidsmaatregelen-hack.html
Dutch language news article:
http://www.nu.nl/algemeen/2738588/gelekte-e-mailgegevens-niet-van-kpn.html
Previously:
http://vrritti.com/?s=KPN
That’s what a hacker has revealed in an interview with Dutch website Tweakers.net
Dutch language news article:
http://tweakers.net/nieuws/79940/kpn-hackers-konden-verkeer-klanten-mogelijk-onderscheppen.html
Previously:
DDOSsing VISA and MasterCard = Community Service. Using KPN User Login Data Posted Online = Jail Time
http://vrritti.com/2012/02/10/ddossing-visa-and-mastercard-community-service-using-kpn-user-login-data-posted-online-jail-time/
KPN Hack Out Of Control? Hackers Post KPN User Data On Pastebin
http://vrritti.com/2012/02/10/kpn-hack-out-of-control-hackers-post-kpn-user-data-on-pastebin/
KPN Hackers Interviewed By Dutch News Site Nu.nl: ‘KPN Servers Were Badly Secured, Badly Maintained. We Could Have Disconnected Internet Users’
http://vrritti.com/2012/02/09/kpn-hackers-interviewed-by-dutch-news-site-nu-nl-kpn-servers-were-badly-secured-badly-maintained/
Server Of Dutch Provider KPN Has Been Hacked, Damage Unknown
http://vrritti.com/2012/02/08/server-of-dutch-provider-kpn-has-been-hacked-damage-unknown/
In a remarkable move, Dutch prosecution authorities are now warning everyone who is using the KPN user login data which has been published online, that they will be facing stiff prison sentences.
It’s remarkable because not too long ago two Dutch hackers who launched cyberattacks on VISA and MasterCard were sentenced to 26 and 80 hours of public service.
Also, 5 Dutch wizardforum hackers who hacked into 14 university networks in the US and a large number of university networks in Western Europe, causing at least 100,000 USD in damages, only received probation sentences
http://vrritti.com/2011/08/24/5-dutch-wizardforum-hackers-who-hacked-into-14-university-networks-in-the-us-and-a-large-number-of-university-networks-in-
A Dutch hacker called Brenno de Winter was not being prosecuted in The Netherlands for hacking Public Transportation Cards. He did break the law but was acting as a reporter too. Public Prosecutor’s Office argued that in that case the importance of informing the general public as a journalist was prevailing.
http://vrritti.com/2011/09/09/dutch-hacker-brenno-de-winter-will-not-be-prosecuted-in-the-netherlands-for-hacking-public-transportation-cards-he-did-break-the-law-but-was-acting-as-a-reporter-too-public-prosecutors-office-argu/
And finally:
Having released a 19-year-old pro-Wikileaks Anonymous supporter after a day, the Dutch Public Prosecutor’s Office now reports that it has released the first Anonymous supporter they arrested, a 16-year-old individual from The Hague who has attacked the websites of VISA and MasterCard. The Public Prosecutor’s Office explains that “the investigation does not require him to remain in custody any longer.” He has been released on the condition that he will not engage in criminal activities in the future.
http://vrritti.com/2010/12/17/16-year-old-anonymous-supporter-released-by-dutch-prosecution-authorities/
Dutch language news article:
http://www.telegraaf.nl/binnenland/11490881/__OM_dreigt_met_celstraf__.html
Previously:
KPN Hack Out Of Control? Hackers Post KPN User Data On Pastebin
http://vrritti.com/2012/02/10/kpn-hack-out-of-control-hackers-post-kpn-user-data-on-pastebin/
KPN Hackers Interviewed By Dutch News Site Nu.nl: ‘KPN Servers Were Badly Secured, Badly Maintained. We Could Have Disconnected Internet Users’
http://vrritti.com/2012/02/09/kpn-hackers-interviewed-by-dutch-news-site-nu-nl-kpn-servers-were-badly-secured-badly-maintained/
Server Of Dutch Provider KPN Has Been Hacked, Damage Unknown
http://vrritti.com/2012/02/08/server-of-dutch-provider-kpn-has-been-hacked-damage-unknown/
