CrimesZone.com Latest Blog Posts

CRIME REPORT: February 23, 2012

Thu, 23 Feb 2012 11:59:32 GMT

GLEBE: Traffic delays were caused on Sunday after a collision spun a car the wrong way. Leichhardt police said a man, 55, stopped his Mazda at a red light at Parramatta Rd and Derwent St at 8.10am. A woman, 38, in a BMW sedan failed to slow for the light and tried to veer into another lane, but collided with the Mazda. The force of impact caused her car to spin into Derwent St, coming to a rest in the opposite direction. The man was taken to RPA with minor injuries. The woman was trapped until emergency services rescued her. She was taken to RPA without serious injuries.

GLEBE: A man has been charged after allegedly shooting a flare gun after being bashed. Leichhardt police said the attack occurred about 1am on September 11 last year. A man, 26, was allegedly involved in a fight with two other men on Glebe Point Rd. Police said he walked to his home and got a flare gun. He allegedly fired the flare gun at one of them, leaving him with burns. Last month, police received a ``hit’’ through the national DNA database linking the 26-year-old with blood found at the scene. Police arrested and charged him with discharge firearm in public place with intent to injure, assault occasioning actual bodily harm and affray.

-Follow our crime reporter on Twitter: @Omar_Hamwi

MARRICKVILLE: A man will face court after he allegedly forced another man to drive to his home and then rob it last Sunday. Marrickville police allege the man, 31, threatened a man, 21, and forced him to hand over cash and electrical devices about 4.30pm. The 31-year-old then allegedly forced him into his vehicle, where he demanded the victim drive to his home and hand over more property. Police arrested him a short time later. The man was charged with aggravated robbery and cannabis possession. He will face Central Local Court on April 10.

MARRICKVILLE: Residents are reminded that ATM machines have been tampered with in the area. Police report that the cash dispenser of these tampered machines do not give correct amounts of money. Police are asking the public to report suspicious behaviour around ATMs. Always immediately count your cash before walking away from the machine. If you do notice your cash has not been dispensed, look inside the cash dispenser and if you see any item blocking the dispenser call police.

MARRICKVILLE: A man was fined for urinating in public last Saturday. Police slapped the Dulwich Hill man, 52, with the on-the-spot fine after seeing him empty his bladder on the train platform at Marrickville station. Police would like to remind residents that it is an offence to urinate in public. If caught, you could receive a criminal infringement notice for offensive behaviour.

MARRICKVILLE: In scenes expected from an Xbox game, a girl, 13, allegedly stole a car and crashed it all over Sydney on Sunday. Police allege the car was stolen from an Auburn address at 11am. The girl allegedly crashed it into a parked vehicle on Warren Rd, Marrickville at 7pm. Police discovered the same vehicle was involved in several other collisions around Sydney. Police found the battered car in Moyes Ave later that night. A 13-year-old girl and three other juveniles are assisting police inquiries.

NEWTOWN: A transgender person has been charged after a teenager was indecently assaulted on a train between Newtown and Redfern. About 6pm last Thursday, a schoolboy, 17, and his friend were approached on a train. Police allege the person made offensive comments before indecently assaulting the teenager. The 17-year-old and his friend then got off the train at Redfern and reported the incident to police. A transgender person was arrested and charged with assault and an act of indecency. The 43-year-old was bailed to appear at Downing Centre Local Court on March 12.

FIVE DOCK: Police are appealing for assistance after a child was approached last Wednesday. Police said a boy, 8, was walking along Lancelot St when he was approached by a man about 3.45pm. Police said he offered the boy a lift home. The boy ran back towards his school. The man was described as aged 60-65, in a blue shirt, grey shorts and carrying a backpack.

OLDER CARS PROVING POPULAR WITH THIEVES
IN the past few months several old-model cars were stolen from the Marrickville and Petersham areas. The targeted vehicles include Hyundai Excels, Honda Civics and Mazda 121s.

Police urge car owners to take precautions to ensure the safety of their cars and property inside them. The most popular items stolen include MP3 players, mobile phones, cash, laptops, GPS and bags. Owners should take these items with them or at the very least store them out of sight in the vehicle.
Thieves usually gain entry by smashing a window, so it’s also a good idea to park in well-lit, busy streets. Always lock your car and ensure all the windows are fully closed. Additional measures could include fitting engine immobilisers or fuel cut-out switches, locking devices on the steering wheel or transmission and car alarms.

When is a cybercrime an act of cyberwar?

Wed, 22 Feb 2012 09:55:45 GMT

There is growing talk of cyberwar, as opposed to run-of-the-mill cybercrime. There are also terms that lies somewhere in the middle called cyber espionage, and cyber hacktivism - which is sort of like cyber terrorism for good guys. At the heart of the debate is an attempt to define the scope of an appropriate response to each type of threat.

Former US cyber-security tsar Richard Clarke describes scenarios in his book Cyber War: The Next Threat to National Security and What to Do About It of nationwide power blackouts, poison gas clouds and burning oil refineries, aircraft dropping from the sky and crashing subways. Those are the types of attacks that would seem to clearly indicate an act of cyberwar, but there are also many nuanced attacks in between that muddy the waters.

What's in a name?
The problem is that there are subtle semantic differences in the way different parties apply the terms cybercrime, cyberwar, cyber espionage, cyber hacktivism, or cyber terrorism. There is no clear consensus, which complicates the process of determining what level of law enforcement or government should be engaged to address a given attack.

Richard Stiennon, chief research analyst at IT-Harvest and author of Surviving Cyberwar, explains that the methods used can be identical. That means it takes a deeper investigation into the goals and motives of the attack to assign a label to it.

Mike Reagan, CMO of LogRhythm, believes that the lines are definitely getting blurred, but the distinction matters in terms of defining whether an incident is the responsibility of law enforcement or the military. "Cyberwar could be characterized as the use of cyber weapons to destroy enemy capabilities and/or populations. Cyber-crime could be defined as the use of cyber weapons/tools to execute a criminal act driven by any number of reasons."

Stiennon draws some distinctions in the definitions as well. A cybercriminal is generally motivated purely by profit. That is a different goal than cyber espionage, which seeks to access intellectual property for military or industrial strategic advantage, or cyberwar, which focuses on actually sabotaging infrastructure, disrupting critical systems, or inflicting physical damage on an enemy.

Take away the "Cyber"
Andrew Storms, director of security operations for nCircle, suggests a fitting and helpful analogy. "Remove the prefix from 'cyber crime' and apply the same judgment used in other contexts. Does stealing some cereal from the corner market constitute a crime or an act of war against the market owner? This analogy holds true even at larger scales; does a data breach at a Fortune 500 company call for the FBI or the Marines?

Storms also draws a parallel between the naval blockade during the Cuban Missile Crisis, and a denial-of-service (DoS) attack against a nation's infrastructure. The point being that its possible to have state-sponsored hostilities or acts of aggression that don't cross the line to become an "act of war".

Stiennon points out, though, that even tracing an attack to its source may not clarify the matter. "The difficulty is that the attacker could be a lone wolf like the Comodo Hacker, a street gang like the Nashi, or an organized terrorist cell--none of which fall into a Clausewitzian definition of war."

Does it really matter?
At a panel discussion on cyber war at a recent media event hosted by Kaspersky, Alex Seger, head of the Economic Crime Division of the European Council, expressed his opinion that the semantics of defining cybercrime vs. cyberwar are largely irrelevant. Seger says that rather than focus on definitions we should focus on the attacks: methodologies, targets, and consequences - regardless of attribution.

This is true depending on your perspective. At the level where PCs are compromised, and sensitive data is exposed, it is somewhat irrelevant why it happened. What matters is that it did happen, and the focus should be on mitigating damage from the incident and implementing defenses to prevent it from happening again.

Unless you happen to be (or work for) a defense contractor handling top secret information, or a part of the critical infrastructure managing things like water treatment facilities, natural gas pipelines, or air traffic control, the odds are probably slim that a given cyber attack will qualify as cyberwar.

You don't really need to concern yourself with how to lable the attack, though. Ultimately, it is hard to imagine any act of cyberwar that wouldn't also be a violation of existing laws. In that sense, all cyberwar is cybercrime, but not all cybercrime is cyberwar.

If your business experiences a cyber attack of any sort, it is best that you engage the appropriate authorities at your local level, and leave the cybercrime / cyberwar debate to law enforcement, government agencies, and politicians.

When Is a Cybercrime an Act of Cyberwar?

Tue, 21 Feb 2012 09:47:15 GMT

There is growing talk of cyberwar, as opposed to run-of-the-mill cybercrime. There are also terms that lie somewhere in the middle like cyber espionage, and cyber hacktivism--which is sort of like cyber terrorism for good guys. At the heart of the debate is an attempt to define the scope of an appropriate response to each type of threat.

Former U.S. cyber-security tsar Richard Clarke describes scenarios in his book Cyber War: The Next Threat to National Security and What to Do About It of nationwide power blackouts, poison gas clouds and burning oil refineries, aircraft dropping from the sky and crashing subways. Those are the types of attacks that would seem to clearly indicate an act of cyberwar, but there are also many nuanced attacks in between that muddy the waters.

What Is In a Name?
The problem is that there are subtle semantic differences in the way different parties apply the terms cybercrime, cyberwar, cyber espionage, cyber hacktivism, or cyber terrorism. There is no clear consensus, which complicates the process of determining what level of law enforcement or government should be engaged to address a given attack.

Richard Stiennon , chief research analyst at IT-Harvest and author of Surviving Cyberwar, explains that the methods used can be identical. That means it takes a deeper investigation into the goals and motives of the attack to assign a label to it.

Mike Reagan, CMO of LogRhythm, believes that the lines are definitely getting blurred, but the distinction matters in terms of defining whether an incident is the responsibility of law enforcement or the military. “Cyberwar could be characterized as the use of cyber weapons to destroy enemy capabilities and/or populations. Cyber-crime could be defined as the use of cyber weapons/tools to execute a criminal act driven by any number of reasons.”

Stiennon draws some distinctions in the definitions as well. A cybercriminal is generally motivated purely by profit. That is a different goal than cyber espionage, which seeks to access intellectual property for military or industrial strategic advantage, or cyberwar, which focuses on actually sabotaging infrastructure, disrupting critical systems, or inflicting physical damage on an enemy.

Take Away the “Cyber”
Andrew Storms, director of security operations for nCircle, suggests a fitting and helpful analogy. “Remove the prefix from ‘cyber crime’ and apply the same judgment used in other contexts. Does stealing some cereal from the corner market constitute a crime or an act of war against the market owner? This analogy holds true even at larger scales; does a data breach at a Fortune 500 company call for the FBI or the Marines?

Storms also draws a parallel between the naval blockade during the Cuban Missile Crisis, and a denial-of-service (DoS) attack against a nation’s infrastructure. The point being that its possible to have state-sponsored hostilities or acts of aggression that don’t cross the line to become an “act of war”.

Stiennon points out, though, that even tracing an attack to its source may not clarify the matter. “The difficulty is that the attacker could be a lone wolf like the Comodo Hacker, a street gang like the Nashi, or an organized terrorist cell--none of which fall into a Clausewitzian definition of war.”

Does It Really Matter?
At a panel discussion on cyber war at a recent media event hosted by Kaspersky, Alex Seger, head of the Economic Crime Division of the European Council, expressed his opinion that the semantics of defining cybercrime vs. cyberwar are largely irrelevant. Seger says that rather than focus on definitions we should focus on the attacks: methodologies, targets, and consequences--regardless of attribution.

This is true depending on your perspective. At the level where PCs are compromised, and sensitive data is exposed, it is somewhat irrelevant why it happened. What matters is that it did happen, and the focus should be on mitigating damage from the incident and implementing defenses to prevent it from happening again.

Unless you happen to be (or work for) a defense contractor handling top secret information, or a part of the critical infrastructure managing things like water treatment facilities, natural gas pipelines, or air traffic control, the odds are probably slim that a given cyber attack will qualify as cyberwar.

You don’t really need to concern yourself with how to label the attack, though. Ultimately, it is hard to imagine any act of cyberwar that wouldn’t also be a violation of existing laws. In that sense, all cyberwar is cybercrime, but not all cybercrime is cyberwar.

If your business experiences a cyber attack of any sort, it is best that you engage the appropriate authorities at your local level, and leave the cybercrime / cyberwar debate to law enforcement, government agencies, and politicians.

Leahy introduces Cyber Crime Protection Security Act

Mon, 20 Feb 2012 11:34:42 GMT

WASHINGTON (Wednesday, Feb. 15, 2012) – Senator Patrick Leahy (D-Vt.) introduced legislation Wednesday to address the growing threat of cyber crime. The Cyber Crime Protection Security Act will bolster tools for law enforcement to prevent and prosecute cyber crime. The legislation closely mirrors cyber crime proposals submitted by the Obama administration to Congress last May.

“We simply cannot afford to ignore the growing threat of cyber crime,” said Leahy. “We must give the dedicated prosecutors and investigators in our government the tools that they need to address criminal activity in cyberspace.”

The Cyber Crime Protection Security Act will provide the government with new tools to better prosecute organized criminal activity involving computer fraud. The legislation will also streamline and enhance the criminal penalties for computer fraud, and address cyber crime involving the trafficking of consumers’ online passwords. In addition, the bill provides law enforcement with resources to protect the nation’s critical infrastructure, making it a felony to damage a computer that manages or controls national defense, national security, transportation, public health and safety, or other critical infrastructure systems.

“To build a secure future for our nation and its citizens in cyberspace, Congress must work together — across party lines and ideology — to address the dangers of cybercrime and other cyber threats,” Leahy said. “It is in that cooperative spirit that I urge all Senators to support this important cybercrime legislation.”

The Senate Judiciary Committee last year approved the Leahy-authored Personal Data Privacy and Security Act, which included provisions nearly identical to the Cyber Crime Protection Security Act.

Leahy’s Personal Data Privacy and Security Act also included provisions to establish a national standard for data breach notification, and a requirement that American businesses that collect and store consumers’ sensitive personal information establish and implement data privacy and security programs to prevent breaches from occurring. Leahy first introduced that legislation in 2005.

Is Your City the ‘Riskiest’ for Cybercrime?

Fri, 17 Feb 2012 09:30:40 GMT

Head’s up, Washington, D.C. — according to a list compiled by online security provider Norton and research firm Sperling’s BestPlaces, the U.S. capital has the highest number of cybercrime risk factors in the nation. Seattle, San Francisco, Atlanta and Boston round-out the top-five riskiest places.

The evaluation took a close look at data from a total of 50 U.S. cities, examining factors such as the number of computers and mobile devices in a city, unsecured Wi-Fi hot spots and social networking use, in determining the rankings.

While cities with the greatest risk factors don’t generally mean they have highest infection rates, reflection that many consumers have taken steps to keep their online information safe.

“In our examination of the riskiest online cities, we’ve considered a number of factors that can potentially affect online safety,” said Bert Sperling, founder of Sperling’s BestPlaces and lead researcher for the analysis, in a statement. “By looking at data from consumer lifestyle habits as well as cybercrime data provided by Symantec, maker of Norton products, we’re able to provide a holistic view of the various factors that put a person at potential risk.”

The research found that Washington D.C. had placed high in almost all of the factors measuring potential risk, including the second-highest usage of smartphones. The city also placed high in other criteria, including attempted malware infections and Web attacks.

Seattle, which topped list of riskiest cities in 2010, was also at the top in many of the risk categories, including email use and social networking.

The complete 50-city list is:

1. Washington, D.C.
2. Seattle
3. San Francisco
4. Atlanta
5. Boston
6. Denver
7. Minneapolis
8. Sacramento, Calif.
9. Raleigh, N.C.
10. Austin, Texas
11. Las Vegas
12. San Diego
13. San Jose, Calif.
14. Honolulu
15. Dallas
16. Portland, Ore.
17. Kansas City
18. Baltimore
19. Chicago
20. Colorado Springs, Colo.
21. Oakland, Calif.
22. St. Louis
23. Miami
24. Houston, Texas
25. Charlotte, N.C.
26. Cincinnati, Ohio
27. Philadelphia
28. Columbus, Ohio
29. Indianapolis, Ind.
30. New York
31. Phoenix
32. Fort Worth, Texas
33. Cleveland
34. Omaha, Neb.
35. Los Angeles
36. Nashville-Davidson County, Tenn.
37. Milwaukee
38. Oklahoma City
39. Pittsburgh
40. Jacksonville, Fla.
41. Albuquerque, N.M.
42. Virginia Beach, Va.
43. San Antonio, Texas
44. Long Beach, Calif.
45. Tucson, Ariz.
46. Fresno, Calif.
47. Memphis, Tenn.
48. Tulsa, Okla.
49. El Paso, Texas
50. Detroit

So what can people in the riskiest cities do to protect themselves? Norton had three tips to share:
Proceed with caution when using Wi-Fi hot spots — making sure you’re on a secured network when conducting online purchases or doing banking
Use complex and unique passwords for each website — a combination of letters and numbers is highly recommended, as is changing passwords regularly.
Stay educated — keep an eye on the latest information and tips regarding cybersecurity.

Seattle cybercrime risk remains high

Thu, 16 Feb 2012 09:37:40 GMT

Seattle is the second riskiest city for cybercrime, after Washington D.C., according to anti-virus company Norton and independent research firm Sperling’s BestPlaces. Last year, Seattle was number one on the list.
According to the report, the ranking does not necessarily mean Seattle has one of the highest rates of infections. Rather, it has a large number of computer and smartphone users, unsecured Wi-Fi hotspots, social-network use and other potential risk factors.

In a majority of categories, including email use and social-network activity, Seattle scored highest among the 50 cities surveyed. Both Seattle and San Francisco, which ranked third on the overall list, had a high number of Wi-Fi hotspots and hours spent on the Internet.

The Top 10 on the full list were: Washington, D.C., Seattle, San Francisco, Atlanta, Boston, Denver, Minneapolis, Sacramento, Raleigh, N.C., and Austin, Texas. Of the 50 cities surveyed, Detroit ranked as least risky because of its lack of Wi-Fi hotspots and potentially risky online behavior.

Norton, a partner of software company Symantec, recommends using passwords with upper- and lowercase letters, symbols and numbers, and changing them regularly. It also urges caution when using unsecured Wi-Fi networks, especially for online purchases or banking.

Cyber crime increasing in India at fast clip: P Chidambaram

Wed, 15 Feb 2012 09:28:23 GMT

MUMBAI: The Union Home Ministry would like to work with the National Association of Software and Services Companies (NASSCOM) in the area of cyber crime, which is growing very fast, Home Minister P Chidambaram today said here.

He gave away NASSCOM Global Leadership Awards at a function here this evening. "In 2009, there were 2,866 reported incidents of cyber crime in India. The US-based Internet Crime Control Centre has said that India ranks fifth in number of cyber crimes. Every year cyber crime in India is going up at the rate of 50 per cent. Over the last five years, around 9,000 Indian websites were hacked," Chidambaram said.

NASSCOM and Data Security Council of India (DSCI) had prepared a detailed project report to set up cyber forensic labs across the country, he said. The idea is to set up cyber crime police stations and cyber forensic labs all over the country. We would also like to set up a national research centre for cyber forensics in the country, for which we would like to work together with Nasscom."

FDLE Creates Cybercrime Unit

Tue, 14 Feb 2012 13:13:36 GMT

ORLANDO, Fla. -- The Florida Department of Law Enforcement created a cybercrime task force to keep up with crimes committed online. Special Agent Jeff Duncan said complaints about cybercrimes, whether it was financial or sex crimes, were in the past first routed to the agency's Tallahassee office for investigation. Duncan said after the investigation in Florida's capital, cases were assigned to local agents and police agencies.

"It's a big deal anytime that we can stop that type of organization and identify whose identity has been stolen," said Duncan. Seven regional cybercrime units have been established, with one in Orlando. The new cybercrime team will be able to investigate and connect clues more quickly than if it had to wait for information from Tallahassee.

"It will save us hours if not days off of an investigation," said Apopka police Detective Matt Reinhardt. "With us being able to arrest them right then and there, you know by the information obtained, it saves a lot of tax dollars and our time."A new mobile forensic van will help the cybercrimes team in the next few months. Agents said they will be able to dissect computers on the spot, while detaining suspects, so they can make arrests more quickly.

Cyber crime detectives get base in region

Mon, 13 Feb 2012 09:41:03 GMT

Yorkshire police are to play a key role in Britain’s fight against cyber crime, tackling dangers ranging from industrial espionage to organised fraud. A specialist e-crime unit, designed to combat a growing threat from hackers, will be based in the region after chief officers secured Government funding.

The £30m deal, which will also see hubs created in the North West and the East Midlands, is to be announced today at the Association of Chief Police Officers’ e-crime conference in Sheffield. The new hubs, each manned by three detectives, will work alongside an existing e-crime unit run by the Metropolitan Police. Security officials consider cyber crime to be as large a threat as international terrorism, a military crisis or a major accident or natural hazard requiring a national response.

Yorkshire’s regional policing head, Deputy Chief Constable Mark Whyman, said: “By using our local expertise to tackle what is a rapidly growing crime problem for our communities and the economy, we can yet again place our region at the forefront of policing developments.”

Home Office Minister James Brokenshire said: “Cyber crime is a threat locally and nationally, and every police force in the country has to deal with its impact on people and businesses in their area.”

UK launches regional cybercrime hubs

Sat, 11 Feb 2012 10:03:03 GMT

Units in Yorkshire and the Humber, the Northwest and East Midlands will help fight battle against online threats. Three specialist police cybercrime teams have been created across the UK to tackle the growing threat of online crime.

The centres will be set up in Yorkshire and the Humber, the Northwest and East Midlands and they will work alongside the Metropolitan Police Centre e-crime Unit (PCeU) in London, which deals with national online security, the BBC said.

The hubs are part of a four-year, £30m commitment from the UK government to improve national capability to investigate and combat cyber crime. The units will be staffed by a detective sergeant and two detective constables, who will be fully trained before the units are operational.

ACPO head of e-crime and deputy assistant commissioner Janet Williams said the three units will play a "crucial role" in protecting the UK from the threat of cybercrime.

"It is anticipated the hubs will make a significant contribution to the national harm reduction target of £504m," she added. "In the first six months of the new funding period alone we have already been able to show a reduction of £140m with our existing capability. They will undoubtedly provide an enhanced ability to investigate this fast growing area of crime and provide an improved internet investigation capability."

"As well as leading the fight in their regions, these units mark a significant step forward in developing a national response to cyber crime, which will be driven by the new National Crime Agency. The government has committed £650m in the fight against e-crime," added James Brokenshire, Minister for Crime and Security.