IT Outsourcing - Percento

Archive for the ‘Information Technology Security’ Category

Computer hard drive sold on eBay ‘had details of top secret U.S. missile defence system’

Thursday, May 7th, 2009

Highly sensitive details of a US military missile air defence system were found on a second-hand hard drive bought on eBay.

The test launch procedures were found on a hard disk for the THAAD (Terminal High Altitude Area Defence) ground-to-air missile defence system, used to shoot down Scud missiles in Iraq.

The disk also contained security policies, blueprints of facilities and personal information on employees including social security numbers, belonging to technology company Lockheed Martin – who designed and built the system.

 


A missile launch in California: Details of the ground-to-air defence system were found on a computer hard drive

British researchers found the data while studying more than 300 hard disks bought at computer auctions, computer fairs and eBay.

The experts also uncovered other sensitive information including bank account details, medical records, confidential business plans, financial company data, personal ID numbers, and job descriptions.

The drives were bought from the UK, America, Germany, France and Australia by BT’s Security Research Centre in collaboration with the University of Glamorgan in Wales, Edith Cowan University in Australia and Longwood University in the US.

A spokesman for BT said they found 34 per cent of the hard disks scrutinised contained ‘information of either personal data that could be identified to an individual or commercial data identifying a company or organisation.’

And researchers said a ‘surprisingly large range and quantity of information that could have a potentially commercially damaging impact or pose a threat to the identity and privacy of the individuals involved was recovered as a result of the survey.’

Two disks appear to have been formerly used by Lanarkshire NHS Trust to hold information from the Monklands and Hairmyres hospitals including patient medical records, images of x-rays, medical staff shifts and sensitive and confidential staff letters.

In Australia, one disk came from a nursing home and contained pictures of patients and their wounds.

Confidential material including network data and security logs from the German Embassy in Paris was also discovered on a disk from France.

The trading performances and budgets of a UK-based fashion company and corporate data from a major motor manufacturing company were also discovered, along with details of a proposed 50 billion currency exchange through Spain involving a US-based consultant.

Dr Andy Jones, head of information security research at BT, who led the survey, said: ‘This is the fourth time we have carried out this research and it is clear that a majority of organisations and private individuals still have no idea about the potential volume and type of information that is stored on computer hard disks.

‘For a very large proportion of the disks we looked at we found enough information to expose both individuals and companies to a range of potential crimes such as fraud, blackmail and identity theft.

‘Businesses also need to be aware that they could also be acting illegally by not disposing of this kind of data properly.’

Dr Iain Sutherland of the University of Glamorgan said: ‘Of significant concern is the number of large organisations that are still not disposing of confidential information in a secure manner. In the current financial climate they risk losing highly valuable proprietary data.’

A spokesman for Lockheed Martin, who make the THAAD launch system, said: ‘Lockheed Martin is not aware of any compromise of data related to the Terminal High Altitude Area Defence programme.

‘Until Lockheed Martin can evaluate the hard drive in question, it is not possible to comment further on its potential contents or source.’

A spokesman for NHS Lanarkshire said: ‘This study refers to hard disks which were disposed of in 2006. At that time NHS Lanarkshire had a contractual agreement with an external company for the disposal of computer equipment.

‘In this instance the hard drives had been subjected to a basic level of data removal by the company and had then been disposed of inappropriately. This was clearly in breach of contract and was wholly unacceptable.’

The spokesman said the trust now destroys equipment containing data on the premises and no longer uses external companies to dispose of IT equipment.

Source: MailOnline

UPDATE: Conficker virus begins to attack PCs: experts

Sunday, April 26th, 2009

A malicious software program known as Conficker that many feared would wreak havoc on April 1 is slowly being activated, weeks after being dismissed as a false alarm, security experts said.

 Conficker, also known as Downadup or Kido, is quietly turning thousands of personal computers into servers of e-mail spam and installing spyware, they said.

 The worm started spreading late last year, infecting millions of computers and turning them into “slaves” that respond to commands sent from a remote server that effectively controls an army of computers known as a botnet.

 Its unidentified creators started using those machines for criminal purposes in recent weeks by loading more malicious software onto a small percentage of computers under their control, said Vincent Weafer, a vice president with Symantec Security Response, the research arm of the world’s largest security software maker, Symantec Corp.

“Expect this to be long-term, slowly changing,” he said of the worm. “It’s not going to be fast, aggressive.”

 Conficker installs a second virus, known as Waledac, that sends out e-mail spam without knowledge of the PC’s owner, along with a fake anti-spyware program, Weafer said.

 The Waledac virus recruits the PCs into a second botnet that has existed for several years and specializes in distributing e-mail spam.

“This is probably one of the most sophisticated botnets on the planet. The guys behind this are very professional. They absolutely know what they are doing,” said Paul Ferguson, a senior researcher with Trend Micro Inc, the world’s third-largest security software maker.

 He said Conficker’s authors likely installed a spam engine and another malicious software program on tens of thousands of computers since April 7.

 He said the worm will stop distributing the software on infected PCs on May 3 but more attacks will likely follow.

“We expect to see a different component or a whole new twist to the way this botnet does business,” said Ferguson, a member of The Conficker Working Group, an international alliance of companies fighting the worm.

Since the worm surfaced last year, researchers had feared that the network it controls might be deployed on April 1, because it was programmed to increase communication attempts from that date.

 The security industry formed the task force to fight the worm, bringing widespread attention that experts said probably scared off the criminals who command the slave computers.

 The task force initially thwarted the worm using the Internet’s traffic control system to block access to servers that control the slave computers.

 Viruses that turn PCs into slaves exploit weaknesses in Microsoft’s Windows operating system. The Conficker worm is especially tricky because it can evade corporate firewalls by passing from an infected machine onto a USB memory stick, then onto another PC. 

The Conficker botnet is one of many such networks controlled by syndicates that authorities believe are based in eastern Europe, Southeast Asia, China and Latin America.

Source: Reuters

Conficker after one week: What now?

Tuesday, April 7th, 2009

April 1st came and went, and the Internet didn’t completely melt down as many were certain would happen. But Conficker is still out there, alive and well, much to the gross confusion of a scared technology-using populace. So what now?

Security company F-Secure published a helpful guide late last week about what Conficker can still do, when it could happen, and where we go from here. I won’t rehash their entire Q&A here — just click on over to F-Secure and check it out — but I do want to address some of the biggest questions about Conficker that I’ve received, including answers to some that aren’t covered on F-Secure’s Q&A page.

Q: How do I know if I have Conficker?
A: Probably the most common question I’ve been getting. Easiest way: Click this link and look for the images on the Conficker Eye Chart. If images are not showing up, you might have the worm. (Scroll down that page for details.)

Q: Now that April 1 has passed, do I still need to be worried?
A: Yes. Conficker is now live and waiting for instructions from its creators. Those instructions simply haven’t been delivered yet but could come at any time.

Q: Why not? Is this all just a joke?
A: It’s absolutely not a joke. The creators were in part thwarted by massive efforts to keep Conficker from spreading but are also likely to be lying low for now until the heat over Conficker dies down a bit.

Q: Who made this awful worm?
A: No one knows, but it is suspected to have originated in China. Microsoft’s $250,000 bounty on the creator still stands.

Q: Did the security software companies make this thing just to drum up business?
A: No. Trust me, they’re too busy with real malware attacks to need to write their own.

Q: How do I get rid of Conficker if I have it?
A: If your regular antivirus software is ineffective, this page has links to nine removal tools (scroll to the bottom).

Q: When will this ever end?
A: Probably not for a long time. As the F-Secure page notes, not “until all the computers are cleaned up or until the people behind it decide it’s not worth it anymore.”

Q: Why do people write all this horrible malware?
A: Easy: For the money. Most malware doesn’t just wreak havoc on your computer any more (deleting files and the like); now it usually turns your PC into a spam-sending zombie or harvests financial information from your system, all while you’re unaware of it. All of that translates directly into cash for the creator of the malware… and I guess that’s a lot easier than finding a job.

Source: Yahoo Tech (Christopher Null)

Gartner: Four disruptions to transform the software industry

Thursday, November 6th, 2008

Change is not just a political hot topic these days. According to a Gartner analyst, four emerging software solutions are reshaping software as we know it and will likely cause major disruptions to vendors and how the software industry delivers its products and services.

“Four overarching trends are reshaping how IT is used in the workplace. Each of these megatrends or disrupters must be evaluated to determine if it will have an effect on the business,” said Yvonne Genovese, vice president and distinguished analyst at Gartner, at the Gartner Symposium/ITxpo in Orlando, Fla.

These software solutions are “changing to be user-centric, Web-centric, service-oriented and utilized through new delivery models, such as cloud and software as a service,” noted Genovese, in a press release from the event.

Here are the four major disruptions to the software industry that Genovese has identified:

Disrupter No. 1: Rise in New Technologies and Convergence of Existing Technologies. “The IT market has reached a period of accelerated change and innovation in how IT is applied and delivered to businesses and consumers,” states the release. “Technology changes that have been centered on SOA migration have now been augmented to include business process management, device portability and mashup-capable content.”

By 2010, for example, Genovese predicts that Web mashups will be the “dominant model” for the creation of composite enterprise applications. (To read about Oracle’s efforts on its next-gen applications, see “Oracle Fusion Applications: Is 2010 Delivery Too Little, Too Late, or Smart Strategy?”)

“Mashup popularity stems from the ease with which mashups can be created. Because mashup applications can be created on the fly, they open up possibilities for a new class of more short-term or disposable applications that could never meet the criteria for corporate investment,” says Genovese. “Another benefit is that users can easily personalize mashup content displays. Mashups can resolve issues such as content aggregation and the needs of business users to have the personal flexibility to do different things by combining data from within and outside the enterprise.”

Disrupter No. 2: Change in Software User and Support Demographics. Changes in how, where and when everyone works, as well as innovative methods in how companies obtain their software using the Internet, are fundamentally altering the structure of business. By 2015, Genovese says, no company will be able to build or sustain a competitive advantage unless “it capitalizes on the combined power of individualized behaviors, social dynamics and collaboration.”

“Most current software is focused on general enterprise needs rather than user-specific needs,” Genovese says. “The opportunity for business and IT leaders is to understand how the individualization of work will affect businesses, critical processes, innovation and inter-enterprise collaboration. End-user preferences will decide as much as half of all software, hardware and service acquisitions made by IT.” (See “P&G Flirts with Google Apps and Scares the Bejesus Out of Microsoft” for an inside account of why P&G users wanted to use Google Apps.)

Disrupter No. 3: Revolutionary Changes in Software and How it is Consumed. Genovese predicts that by 2010, SOA will be used, at least in part, in more than 80 percent of new, mission-critical applications and business processes. “The resulting future application environment will be more granular, inclusive and fluid to enable rapid composition, integration, orchestration and reuse,” according to Gartner.

During 2008 and 2009, Genovese states that businesses must “radically re-engineer their processes, governance and disciplines to initiate and manage this transition” as well as evaluate and manage external and off-premises delivery of applications.

“Market excitement over Web platforms, SaaS and other IT utility services will only intensify, and this will increase business buyers’ appetites for these new options and services,” says Genovese. “This period will see huge changes in all facets of the IT market including clients, providers, investors, business and IT professionals and consumers.”

Disrupter No. 4: Software Market Moves to Megavendors Supporting Large Ecosystems. Software megavendors (SAP and Oracle, for example) have proven their impact and influence over customer spending across a range of markets, Genovese notes. “Megavendors seek to dominate enterprise architecture and the terms of integration in multivendor portfolios,” she adds. However, focused vendors (a.k.a., best of breed) must coexist with other applications and with enterprise architecture.

“As the transformation to SOA for packaged applications and the exposing and manipulation of process metadata become minimum requirements for the next generation, it is megavendors that will have the resources, and focused vendors that will have the incentive,” Genovese added. Unfortunately, she stated that focused, best-of-breed vendors face a long time before a next generation of open, composite applications drives the market and opens it to a wider range of vendors.

“We see rapidly changing technology in an industry that seems to be maturing. Vendors are focusing more on the ‘business of software’ rather than solely on product competition,” Genovese says. “Users faced with increased vendor power and lower price flexibility are looking for alternatives, containment strategies and ways to lower vendor switch costs. How the vendors react to these changes and pressures will be the basis for changes in their competition over the next five years.”