|
Total Pageviews |
Attacks on 6 Banks Frustrate Customers
Six major American banks were hit in a wave of computer attacks last week, by a group claiming Middle Eastern ties, that caused Internet blackouts and delays in online banking.
Frustrated customers of Bank of America, JPMorgan Chase, Citigroup, U.S. Bank, Wells Fargo and PNC, who could not get access to their accounts or pay bills online, were upset because the banks had not explained clearly what was going on.
âIt was probably the least impressive corporate presentation of bad news I've ever seen,â said Paul Downs, a small-business owner in Bridgeport, Pa. âThis is extremely disconcerting.â
The banks suffered denial of service attacks, in which hackers barrage a Web site with traffic until it is overwhelmed and shuts down. Such attacks, while a nuisance, are not technically sophisticated and do not affect a company's computer network - or, in this case, funds or customer bank accounts. But they are enough to upset customers.
A hacker group calling itself Izz ad-Din al-Qassam Cyber Fighters - a reference to Izz ad-Din al-Qassam, a Muslim holy man who fought against European forces and Jewish settlers in the Middle East in the 1920s and 1930s - took credit for the attacks in online posts.
The group said it had attacked the banks in retaliation for an anti-Islam video that mocks the Prophet Muhammad. It also pledged to continue to attack American credit and financial institutions daily, and possibly institutions in France, Israel and Britain, until the video is taken offline. The New York Stock Exchange and Nasdaq were also targeted.
On Friday, PNC became the latest bank to experience delays and fall offline. Customers said they had been unable to get access to PNC's online banking site, and those that visited the bank's physical locations were told it was because PNC, and many others, had been hacked.
Fred Solomon, a PNC spokesman, said Friday afternoon that the bank's Web site was back online, but that it was still working to restore online bill payment. Asked why the bank was not better able to withstand such an attack, he said that while PNC had systems in place to prevent delays and disruption from hacker attacks, in this case âthe volume of traffic was unprecedented.â
Representatives for other banks also confirmed that they had experienced slow Internet performance and intermittent downtime because of an unusually high volume of traffic.
Security researchers said the attack methods were too basic to have taken so many American bank sites offline. The hackers appeared to be enlisting volunteers for the attacks with messages on various sites. On one blog, they called on people to visit two Web addresses that would cause their computers to flood banks with hundreds of data requests a second. They asked volunteers to attack banks according to a timetable: Wells Fargo on Tuesday, U.S. Bancorp on Wednesday and PNC on Thursday.
But experts said it seemed implausible that this method would create an attack of this scale. âThe number of users you need to break those targets is very high,â said Jaime Blasco, a security researcher at AlienVault who has been investigating the attacks. âThey must have had help from other sources.â
Those sources, Mr. Blasco said, would have to be a group with money, like a nation, or botnets - networks of infected computers that do the bidding of criminals. Botnets can be rented through black market schemes that are common in the Internet underground, or lent out by criminals or governments.
Last week, Senator Joseph I. Lieberman of Connecticut, chairman of the Senate Homeland Security Committee, said in an interview on C-Span that he believed Iran's government had sponsored the attacks in retaliation for Western economic sanctions. The hacker group rejected that claim. In an online post, it said the attacks had not been sponsored by a country and that its members âstrongly reject the American officials' insidious attempts to deceive public opinion.â
The hackers maintained that they were retaliating for the online video. âInsult to the prophet is not acceptable, especially when it is the last Prophet Muhammad,â they wrote.
It is very difficult to trace such attacks back to a particular country, security experts say, because they can be routed through different Internet addresses to mask their true origin.
But experts said they had seen an increase in such activity from Iran and in the number of so-called hacktivists, hackers who attack for political purposes rather than for profit, based in Iran.
âWe absolutely have seen more activity from the Middle East, and in particular Iran has been increasingly active as they build up their cyber capabilities,â said George Kurtz, the president of CrowdStrike, a computer security company, and former chief technology officer at McAfee. âThere is also a strong activist movement underfoot, which should be concerning to many large companies. The threat is real, and what we are seeing now is only the tip of the iceberg.â
James A. Lewis, a computer security expert at the Center for Strategic and International Studies, said that in this case, the attack methods used were âpretty basicâ to have been state-sponsored. But he added that even if the attacks were not the work of Iran's government, the state would be aware of them because Iran monitors its networks extensively.
For Mr. Downs, the small-business owner in Pennsylvania, such half explanations were of little consolation.
âA major bank has a problem and gives no indication of what's happening, when it started or when it will stop,â he said. âThat's pretty freaky if it's your own business's money and you need to do things with it.â
In Europe, Speed Cameras Meet Their Technological Match
BERLIN - When Marc Guerin, a software salesman, drives the 38 kilometers from his home west of Paris to Roissy Charles de Gaulle Airport, he seeks out the fastest route for his crossover and powers up his Coyote, a radar warning and traffic service that alerts him to the locations of 's 3,000 speed cameras.
When Mr. Guerin comes within four kilometers, or two and a half miles, of a speed camera, his Coyote screen warns that he has entered a âriskâ zone, and he closely monitors his speed.
Since he began using Coyote three years ago, Mr. Guerin said, he has not received a speeding ticket. He said he used to average three or four tickets a year which cost him about "400, or about $515.
âFor one thing, I no longer get caught by the speed cameras, which are all over France,â Mr. Guerin said. âFor another, it advises me constantly of the legal speed limits and traffic conditions, so I am better informed and much more relaxed when driving.â
Smartphone applications have been developed to monitor sleeping babies, open garage doors and analyze the nutritional content of a restaurant meal. Now in Europe, where the police in many countries use stationary and mobile radar cameras to catch speeders, the smartphone is being honed into a highly effective - and controversial - mobile radar detector.
âThis type of technology is going to soon be standard in most vehicles,â said Serge Bussat, the vice president of sales at Coyote, a company based in Paris whose driving applications are being used by 1.7 million people in Europe, a third of them in France.
Mr. Bussat said that 6 percent of all French drivers now use radar driving apps.
Tolerated in many European countries, the use of radar-detection services like Coyote's, which also monitors a driver's speed against posted limits and advises of traffic jams, was applauded last year by the French government as a useful driver education tool, which helped legitimize the service.
While a law prohibiting radar-detection technology remains on the books in , it is rarely enforced and may be amended to permit some driver alerts.
Only in , where border guards are trained to spot and seize radar detection consoles, is the ban still strictly enforced. In the United States, where speed cameras are not as widely used, services like Coyote's, which costs $63 a year or $185 when purchased by the month, are harder to justify. Also, receivers that can detect the Doppler radar waves emitted by police speed guns - like the original Fuzzbusters - are legal in the United States.
But in Europe, Doppler receivers tend to be outlawed and hidden, and permanent cameras are prevalent, so the market for app-based speed camera detection is growing. The two biggest makers of auto navigation devices, Garmin and TomTom, both bundle speed camera alert services with most of their latest products. A string of specialty services has also sprung up, including Coyote in France, Blitzer.de in Germany and Radardroid in .
Most of these companies rely on their users to scout and report the locations of speed cameras, which are then forwarded to others using the same application. Drivers passing the same points are asked to confirm or amend the sightings.
Across Europe, at least 25,000 speed cameras are in use, said Arpad Nemeth, the owner of Poiplaza, a firm in Budapest that manages a database of 4.7 million points of interest logged by their precise geographic coordinates. Mr. Nemeth, a retired television news editor, said the locations of mobile and fixed speed cameras in his database had been compiled by the 80,000 people who had downloaded and used his free application.
Governments in many European countries, Mr. Nemeth said, voluntarily publish the locations of permanent speed cameras, which tend to be installed at sites of frequent accidents. Like Coyote and Radardroid, Mr. Nemeth's Web site warns users that the use of radar detection databases is illegal in Germany and Switzerland. But enforcement, especially of apps on smartphones, is difficult if not impossible, he and others said.
Coyote, while warning of the legal ban in Germany, still provides data on German fixed and mobile cameras to users of its European service. So does Radardroid, a "6 application sold through Google's app store that is made by Ventero Telecom of Madrid.
âOur app is being used in Germany right now,â said Felix Ventero, the software engineer who created Radardroid, which is used by a million people, mostly in Europe. âThe reality is, people are using these services because the technology makes it possible.â
Regardless of how prevalent they are, radar detection applications remain controversial and services like Radardroid, which report the exact locations of mobile speed cameras, may have to change to satisfy the concerns of the law enforcement authorities, who view the services as enabling speeding and increasing the risk of injury and death.
Winner Uses Contest Site and Loses Grand Prize
After working as a lawyer for 22 years, Theodore A. Scott wanted a break. So he entered a contest sponsored by Gold Peak Tea, a Coca-Cola tea brand, offering the ultimate respite for weary workers: a year off work and a $100,000 prize.
Mr. Scott, 60, made it to the second round for which he created a video that was voted on by Gold Peak Tea fans on Facebook. To his surprise, he won the grand prize. He and his family were elated.
âEverybody is shouting and laughing and crying and so happy,â Mr. Scott said. âIt's just like we won the or won the lottery.â
But the feeling was short-lived. Days later, Mr. Scott was informed that he had violated the terms and conditions of the contest and was disqualified. The reason given was that he had used an online contest forum, a Web site where people who enter crowdsourced digital sweepstakes post links to those contests and ask members to vote for them.
But Mr. Scott did not go away quietly, and Gold Peak Tea finds that it is just the latest company to try to create excitement for its brand on social media only to find that sentiment can quickly turn.
The contest, called âTake the Year Off,â was one of several this year sponsored by marketers like McDonald's and the Las Vegas Convention and Visitors Authority aimed at downtrodden workers looking for respite in a tough economy.
An image on Gold Peak Tea's Facebook page promoting the contest that showed a woman kneeling against a file cabinet appearing to scream caught Mr. Scott's attention. âI get it. I see where she is. I understand her,â he said in an interview last week. In his contest entry, Mr. Scott described how his job had taken him away from his family. âI had a family. I had a home,â Mr. Scott's letter began. âBut I let my career defer them. I let my debts outweigh them. I let deadlines sideline them. I let an office, computer, phone, and e-mails crush them.â
Mr. Scott pledged to spend the year off enjoying time with his family - he has four sons, four grandsons, and has been married for more than 35 years. âI'll enjoy simplicity. Listen to music. Read. Write. Relax. And sip a glass of iced tea - at home,â he wrote in the essay.
In his follow-up video, Mr. Scott is seen at his desk, answering calls, books stacked on his desk, shuffling from office to office.
To increase his chances, Mr. Scott became a member of an online contest forum on About.com and made his pitch to the voters there. Susan Stribling, a representative for Coca-Cola, said the company declined to comment but pointed a reporter to a statement that had been posted on the company's Facebook page. According to the statement, Mr. Scott had been disqualified for trying âto inappropriately induce members of the public to vote for his submission, a violation of Official Contest Rules.â
In an e-mail to Mr. Scott, Sarah Tabb, an associate brand manager for Gold Peak Tea, cited Section 6B of the contest rules which states that finalists were prohibited from obtaining votes by âoffering prizes or other inducements to members of the public, vote farming, or any other activity that artificially inflates such finalists votes as determined by sponsor in its sole discretion.â
Sandra Grauschopf a sweepstakes consultant for brands and the writer of the contests and sweepstakes guide on About.com, said the issues with voter forums were complicated for companies. Brands are caught between wanting to drive traffic to their Facebook pages by encouraging consumer voting and managing how those votes are obtained, Ms. Grauschopf said.
âIt's a tough situation for them to be in,â she said of the companies hosting the sweepstakes. âOn the other hand, they don't want to have their image tarnished by other people saying that there is cheating going on.â
In a statement, ePrize, the company the administered the contest on behalf of Coca-Cola, said brands were seeing âsuccess with promotional campaigns online, particularly in social and mobile channels.â
âBut along with that, there will be more technologies developed and attempts to abuse the system,â the statement continued. âOf course, there are other instances in which people don't intend to break the rules but simply do not follow them correctly.â
Mr. Scott, defended his use of the forum saying he saw nothing in the rules that prohibited someone from asking for votes. âThese were real people,â he said. âNot robotics or the creation of fake Facebook accounts.â
Ms. Grauschopf agreed. âIn my opinion, that's not cheating if those are real people who aren't being induced.â
Coca-Cola declined to say who tipped the company off to Mr. Scott's methods.
Ms. Grauschopf said, âIt sounds to me like they are saying, we don't want the public relations problems.â
One such public relations disaster happened with another online voting contest involving American Apparel, the clothing company known for its risqué ads. In 2011, The company held a contest that asked readers to vote on who should be its plus-size model.
Nancy Upton, an entrant, submitted photos of herself in daring poses, including one where she was almost naked from the waist down and another where she was bathing in a tub of salad dressing.
In the end, Ms. Upton was voted the winner, much to the chagrin of American Apparel. After some back and forth, the company decided to select another candidate as the winning model.
In Mr. Scott's case, Gold Peak Tea chose another entrant's submission as the winner, despite a number of posts on the company's Facebook page calling for Mr. Scott to be reinstated as the winner. (Gold Peak Tea has removed some of the posts related to Mr. Scott's case citing its decency rules for the Facebook page.)
Mr. Scott has since posted a rebuttal on the Gold Peak Tea Facebook page, and has created a Twitter account to support his cause, @GoTeamTheodore. He said he is deeply embarrassed.
Linda A. Goldstein, a partner and chair of the advertising, marketing and media division at the law firm at the law firm Manatt, Phelps & Phillips said there was âa very strongâ legal precedent in the courts for upholding contest rules.
âThere's a broad discretion for the sponsor to disqualify an entrant,â said Ms. Goldstein, who has worked with Coca-Cola in the past. âThe precedent in the courts for upholding the rules in the sponsor's favor is quite strong.â
Iranian News Agency Claims Onion Report It Ran by Mistake Is Essentially True
Iran's Fars News Agency admitted on Sunday that its report, âGallup Poll: Rural Whites Prefer Ahmadinejad To Obama,â was copied entirely from The Onion, a satirical American publication the editors in Tehran mistook for a news source.
FNA Apologizes for Recent Mistake http://t.co/zEMJHedQ
- Fars News Agency (@FNA_Iran) 30 Sep 12
An editor at the Iranian agency, which is close to the powerful Islamic Revolutionary Guards Corps, said in the long, somewhat grudging apology: âThe news item was extracted from the satirical magazine, The Onion, by mistake and it was taken downâ from the agency's English-language Web site within two hours.
The unnamed editor went on to argue that the premise of the Onion report - that Iran's president, Mahmoud Ahmadinejad, is more popular with white, rural Americans than President Obama - might even be accurate, if fictional. âAlthough it does not justify our mistake,â he said, âwe do believe that if a free opinion poll is conducted in the U.S., a majority of Americans would prefer anyone outside the U.S. political system to President Barack Obama.â
The editor made no mention of the fact that, as The Lede explained on Friday, Fars and at least two other Iranian news agencies also published Persian-language versions of the Onion's story before it appeared in English.
He also did not acknowledge that there was anything wrong with the agency copying text from other publications without attribution. Large chunks of the apology itself appear to have been copied word-for-word from American news sites.
One passage, which rec ounts in detail other instances of news organizations mistaking Onion parodies for the genuine article, begins with text lifted from an Associated Press report on the confusion at Fars on Friday:
It's not the first time a news outlet has been duped by The Onionâ¦. In 2002, the Beijing Evening News, one of the Chinese capital's biggest newspapers, picked up a story from The Onion that claimed members of Congress were threatening to leave Washington unless the building underwent a makeover that included more bathrooms and a retractable dome
A whole paragraph of the Fars apology - on an illustration in The New York Times last year that accidentally included a photo from The Onion - is copied straight from a report by the Web site Mediaite on the newspaper's correction:
The New York Times admitted they made the mistake of treating a fake creation from The Onion as something legitimate. Last week the Times printed an article documenting the history of the squeaky-clean teen magazine Tiger Beat, and included a retrospective of past magazine covers. Unfortunately (or humorously depending on one's perspective), in the collection they also included a parody cover created by The Onion, which featured President Obama.
Another sentence - âIn February, Rep. John Fleming (R-La.), deleted a Facebook post in which he linked to an Onion article about Planned Parenthood that he did not realize was satiricalâ - comes from a Politico report last Friday on the Fars mishap.
The rest of the Fars apology is a long recitation of âgoofsâ made by BBC News journalists, compiled by The Telegraph, although none of them involved mistaking fiction for fact.
As Kevin Fallon noted in The Daily Beast on Saturday, others who have mistaken Onion stories for real news reports include: the editors and readers of the Fox News site Fox Nation - who fell for âFrustrated Obama Sends Nation R ambling 75,000-Word Emailâ - and a tabloid in Bangladesh, which translated âConspiracy Theorist Convinces Neil Armstrong Moon Landing Was Fakedâ into Bengali, but did at least have the decency to attribute the report to The Onion News Network. The paper's associate editor explained later to Agence France-Press, âWe thought it was true, so we printed it without checking.â
The Web site Literally Unbelievable is dedicated to documenting instances of Onion parodies that are mistaken for real news on Facebook. As Glynnis MacNicol explained in a Mediaite report in 2010, a very large number of people expressed serious alarm about a YouTube clip headlined âIlluminati Warning: Martial Law Plans Revealed?â which appeared to show a Congressman describing dark plans for the American people during a speech. The video turned out to be from O-Span, The Onion's parody version of C-Span.
Also on Sunday, a jury in Tehran found a Reuters editor guilty of anti-state propaganda, because a colleague incorrectly described a group of women studying the martial art of ninjutsu to stay in shape in a video report as potential âassassinsâ willing âto defend the Islamic Republic to the death.â The jury's finding is advisory and and a judge is expected to issue a final verdict in the case against the news agency's Iranian bureau chief, Parisa Hafezi, next month.
The Reuters bureau in Tehran has been closed since March, when the errors in the voice-over script for the television report on the female âninjasâ came to the attention of Iranian officials. Ms. Hafezi, an Iranian national, has been barred from leaving the country.
As Reuters explains, the bureau chief âformally leads Reuters' Iran operations, but is only responsible for the text stories written by the bureau, not the visuals, captions or scr ipts produced by the television journalists or photographers.â At Reuters and other television news agencies, the narration for television reports from many parts of the world is often added in London by relatively junior journalists.